# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/malwrhunterteam/status/1240215543480750082
# Reference: https://www.virustotal.com/gui/file/f3b0aa7d9664258c9e1783289c4fc56e05b23e3eb9a3557f55733806564deb73/detection

45.142.212.126:6677

# Reference: https://www.virustotal.com/gui/file/d920f89a4d8ae2f2cc597779c57e515c0f9451a66ecdaeef35169f6d0a43a35d/detection

176.57.69.250:6677
goldfrommadagaskar.pw

# Reference: https://www.virustotal.com/gui/file/1bd9e1a6c02737ffdfca1d3c32985361a5c5bdc5da7cc2593291650eb32dd15d/detection

204.95.99.26:6677
zyzoom007.no-ip.org

# Reference: https://unit42.paloaltonetworks.com/how-cybercriminals-prey-on-the-covid-19-pandemic/ (# RedLine Stealer)

covid-19-gov.com

# Reference: https://twitter.com/jorgemieres/status/1255243161099735046

192.154.229.100:6677

# Reference: https://www.virustotal.com/gui/file/56f4a42801fab4c065a0cf4d34ee6d476419d7ab5570268d811cbfbdfa6f7e5e/detection

45.142.214.84:6677

# Reference: https://twitter.com/yusaerguven/status/1263470947706773504

xalonndoth.xyz

# Reference: https://app.any.run/tasks/2e6b708f-3add-4428-9f4c-f087874050a5/
# Reference: https://www.virustotal.com/gui/file/f6c756d3b2667ac43f733489fffd65d440ea62da586eb792877dcaab2074873d/detection

http://45.66.9.166

# Reference: https://twitter.com/iamwinstonm/status/1275548216470233092

http://45.76.21.56
yy31t.chokun.ru

# Reference: https://twitter.com/James_inthe_box/status/1283383567028908032
# Reference: https://www.virustotal.com/gui/ip-address/198.23.172.50/relations

http://198.23.172.50

# Reference: https://www.virustotal.com/gui/file/ba8d3d5d0d4b0d2178ea3ed1ff72e49ac8f6b608aac2718c6cf9904390dbeb80/detection

http://45.142.214.206

# Reference: https://www.virustotal.com/gui/file/aa30299c8266809acb727ef5ec89a80f0cdbcc848550607743f256438f00e398/detection

http://178.159.43.68

# Reference: https://www.virustotal.com/gui/file/96f235bfbc90b71caa6e4da9a3d73d33a035d944f80f9c53afc4da0ee1a10fce/detection
# Reference: https://www.virustotal.com/gui/ip-address/80.89.238.64/relations

http://80.89.238.64

# Reference: https://www.virustotal.com/gui/file/2d52cbd88d34e2928831164fba18a62dd72ed96927059feca90941c38f45e0d4/detection

80.89.238.64:8080

# Reference: https://www.virustotal.com/gui/file/a14148130d16c614e137f9aa0d4a24c09136db6b21974a594df6770b9b1d922d/detection

80.89.238.64:8087

# Reference: https://www.virustotal.com/gui/file/74110b6941ce18add7a009279ce36b06917c66025734daf729bc8bae7ec49cb1/detection

80.89.238.64:8990

# Reference: https://www.virustotal.com/gui/file/070967deea1294d9f3ae5993cc6d9c8bf5d800640b1477944838c02a5613e23d/detection

fragly.top

# Reference: https://www.virustotal.com/gui/file/54567d476e085f5aa1ba45e0b80e7eec75337d93de996f118da592b93b144c8e/detection

3.127.146.248:6677
a0438890.xsph.ru

# Reference: https://app.any.run/tasks/101376ff-5daa-4b49-a1b9-fb391c852079/

http://95.181.172.34

# Reference: https://www.virustotal.com/gui/file/4f0c8558a81e024b9248403a05a3aa50163da44d9e966822acc77926aeb17abc/detection

http://45.142.213.244
45.142.213.244:88

# Reference: https://www.virustotal.com/gui/file/409d53cfaf4e43f9257c281b2026fe075b5459d1bb19e5eb30d8ff75e882689c/detection

45.142.213.244:27016

# Reference: https://www.virustotal.com/gui/file/9a234c43b87d16370414c22b3b2f37f2f92f86da711fab87e392eb1fbc9c0cde/detection

45.67.228.55:27016

# Reference: https://www.virustotal.com/gui/file/4759a80ce3801139ad2972a42e524a728c2b19d9c6a9d82d7a52ad2742bf9d0f/detection

omilonian.club

# Reference: https://www.virustotal.com/gui/file/cbbffd737dab38f3f637a532e210273f295243fd83a130003d36eb0689df2282/detection

dirtate.club

# Reference: https://www.virustotal.com/gui/file/4b6956cc243efb50c75fb740540bf1ec648ee56433e9868d85751f3677e50bca/detection
# Reference: https://www.virustotal.com/gui/file/3b942a9b290020ae3ff94d7af18dbe23669cbfb1d9e16272048ebcc88117cf8d/detection

http://159.69.40.187
j1093145.myjino.ru

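# Reference: https://www.virustotal.com/gui/file/89773ed5a0fd438d9c7d86da129b19d945be5696b736314739a2364839a3a2b4/detection
# Note: the entry below is on TCP/22 (SSH), which is atypical next to the other ports in this list. Confirm against the sample's network behaviour before treating hits as stealer C2.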

74.208.166.46:22

# Reference: https://www.virustotal.com/gui/file/9da816bddae582a08537dd5804549c0b2cf594f4ac2f9065d242d61e41d78259/detection

rrkimal.xyz

# Reference: https://www.virustotal.com/gui/file/029ae517a07624221886a5f2e15bbbecff3d2afed842e4b52eafaec1409f87d7/detection

haroldreadlife.info

# Reference: https://www.virustotal.com/gui/file/0687165c7a9b105319ada7d1ea051a4852a5b2f32c81a322e6af98d0db9d9257/detection

http://195.161.41.183
185.153.198.216:35253

# Reference: https://www.virustotal.com/gui/file/276a4b8565a2cf1eb94e998cd025cd1cc961e034464206f15f0bb1d9a6da27bd/detection

4hzp4c.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/e7b4146f9277fee3e790d8d2d83f9f1fd2d1e263b3eaee3dce79f03f1dcf20af/detection

http://81.177.165.192
8hjbhuh.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/c07df4766d20cd66406250d96e6b4c3e632688c784caec6f780387686117ddf5/detection

recipeskitchen.info

# Reference: https://www.virustotal.com/gui/file/206f7d63fc4fedf05a3880eda3671b2338ba2cebeaf1a58f65d7a7bcdb68a2b8/detection

http://217.107.219.68
217.107.219.68:35253

# Reference: https://www.virustotal.com/gui/file/d86500e2e0bfb50d01b7836ded1cc2e4573152a66819b487e1a188694f7098eb/detection

elerinomi.xyz

# Reference: https://www.virustotal.com/gui/file/93e56b013a5c3b7125ed9dfbce83683cd10c9507fe7c7039bdf498926b7f6776/detection

http://195.123.241.230

# Reference: https://www.virustotal.com/gui/file/487b0a4a808b62ec9c1ea73ff12e5307ba02c0d07339feb8f8aad79f429eb9f8/detection

http://185.153.198.216
http://193.38.54.91
185.153.198.216:35254
193.38.54.91:8080

# Reference: https://www.virustotal.com/gui/file/974b11810776fd4496f5ca9a8b5d0b67e7f713c289477f2b09973a26f2ab82af/detection

http://49.12.11.188
j1093144.myjino.ru

# Reference: https://www.virustotal.com/gui/file/cbec9612f5b1c5379fdc3d746caff4a4b5695b3292c6099700ab63c6bd45bdb0/detection

195.2.70.204:35253

# Reference: https://www.virustotal.com/gui/file/e99ed0cb6113a0b1713147da8ba391315cd7eeecc69e95dfd651bd5966d97eef/detection

http://179.43.170.130

# Reference: https://www.virustotal.com/gui/file/fc62c32a79b9d84ad82c08d5197df46e0699c94282c24f9f4df6887b9b6c62e6/detection

http://195.2.71.122
5v78i24.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/75731505d87f120fc84cd1453a5249de96f6633613b3dcbdc1ad2fdbe9d0a673/detection

http://80.208.231.136

# Reference: https://www.virustotal.com/gui/file/a28cab7a918a6d7b70304aa304f18ab4bee134bd4c1558e7ecf85533158671da/detection

43lox5.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/f13d0d8fba18fe459fb352640410b4e259d78afd37d053e97fcc3bc366be629e/detection

http://195.2.92.164

# Reference: https://www.virustotal.com/gui/file/42e142781db3adc5da9a6072c51c9a2258e42ad2ec9e362503e172443b72062c/detection

http://212.162.148.15
3f6mm0.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/6afc908999cba554d911d760c5d4dc065fb72d06dcecd7e599035833332d910e/detection

http://93.115.22.96

# Reference: https://www.virustotal.com/gui/file/d5200ca81e04d0d3e23fe9f35cde3f7ceef75e0ac5f5e5df710c30761de46a82/detection

http://45.67.228.55

# Reference: https://www.virustotal.com/gui/file/803829f97e020d3d5f35bd9fc11568f54ca7ab01394053e8ade7e5e299f3263e/detection

http://159.69.249.205
xuriq.makeiralone.ru

# Reference: https://www.virustotal.com/gui/file/9c3d3d932f2cfd6b1278e544ec50fba691fb3372c808ad4ce83c182ac596eb61/detection

j1093151.myjino.ru

# Reference: https://www.virustotal.com/gui/file/bc6cf1a2f555a8c40590edebdf5f62a36ec96c637d192ce3777797c22103a336/detection

http://195.161.41.119

# Reference: https://www.virustotal.com/gui/file/77b6705f4dbf707dc4c28ee59f58c5d7ae3a452c6a05a920cd07034dce05bc78/detection

4xnnbwh.aletitself.ru

# Reference: https://www.virustotal.com/gui/file/4ad6224ad13d804a0e51b000f1d3d8467bf3fd92adae42181505dad425fc3c16/detection

wcmj3.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/86582d84d6e4b1321431c74645528727169c1af9b23d396abaeeccc9adbbe7ce/detection

http://45.139.236.84
45.139.236.84:35253

# Reference: https://www.virustotal.com/gui/file/6d3d3f597ccdc42b0944f4fcbdc679a7aa431b726717d8ddea75433e0feb0480/detection

26geyw.makeiralone.ru

# Reference: https://www.virustotal.com/gui/file/d1a5e0e77ac5fcc92e382632e7aba769ddc8c579079e9b87752844b9f47afb66/detection

zphy9.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/67582fe3899bf3660787599bfca689a22fb68401ec59e35b147fdaba61f23063/detection

http://49.12.104.203

# Reference: https://www.virustotal.com/gui/file/6225c71091ec37b9e09972c04738a81212a51adeab87ff7a1a3bb7b150268026/detection

tq5d.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/09d5ddcab205a8a1a7dc89eb59388fc5ac860d8bd907e8652244ff2bcf00929e/detection

643yrw6.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/5d19f63183cbe6d2fa0c5f583d7eea04d4b772c00856beba98085ccb1cc513c4/detection

k12.regfrodom.ru

# Reference: https://twitter.com/JAMESWT_MHT/status/1297878628450152448

95.181.172.34:35253

# Reference: https://app.any.run/tasks/a407ad1e-5b05-496d-8f95-6dda9d511dc0/

bolarie.xyz

# Reference: https://twitter.com/JAMESWT_MHT/status/1322845872544194562
# Reference: https://bazaar.abuse.ch/sample/b3cfbb058c0ecbd7da7f5bdd740fa729f7b0d9cf61f93b32750ce06745abc24c
# Reference: https://www.virustotal.com/gui/file/b3cfbb058c0ecbd7da7f5bdd740fa729f7b0d9cf61f93b32750ce06745abc24c/detection
# Reference: https://www.virustotal.com/gui/file/446edc0d1f7fff55b43dc47d935ac4c8b4ec345a5edaf90f5ea2122d3137f19b/detection

avscanner.site
marscleaner.site
fatfarts.com
solarpwr.ru

# Reference: https://www.virustotal.com/gui/file/fc98a2d606c58b8d7c318b470a77c342b290d1dea2da32d2f9648cbeddff9143/detection

banesys.xyz

# Reference: https://www.virustotal.com/gui/file/d0056dc81acbc4ea4fa63420e780f58beba75a1d5ad1111e3194689f9d241120/detection

2.56.213.140:35253

# Reference: https://www.virustotal.com/gui/file/f7a125635ef310828bb6268a833c825bf0d8dbc3917524a7d568ec8e0977ac7d/detection

45.141.58.213:35200
loveland957.duckdns.org

# Reference: https://twitter.com/JAMESWT_MHT/status/1330817468424708097
# Reference: https://www.virustotal.com/gui/file/0d5bfc0c20d8142640a572b53e611015b225c0312faac51006c299e59a061a8a/detection

http://95.179.148.51
95.179.148.51:35200

# Reference: https://www.virustotal.com/gui/file/7ace2e47f0da1dc1e67271229b77429ea7b09853f94cf034fd2ebc838e8f3f42/detection
# Reference: https://app.any.run/tasks/c635f3bf-91ce-4b8f-9656-975785309f22/

45.150.67.5:35200
s58s.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/58ccc1924fab52eea591a2259d3d2d5b9b71b826f73d2ad44c8a978a69274639/detection
# Reference: https://www.virustotal.com/gui/file/505480d98283a5b8eb3b59da40bbd87ccd0c87a3ee17967a01f6bc77f85a7bb0/detection

i1.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/4e47e31a1e3be59e4dad30afc9ebe982d63a4744639173ce1714b483c7d5097e/detection

8lyo1em.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/749779f774ba19e92898e12efe456f817dd2c7a28bd39996a94bb0982c47d228/detection
# Reference: https://www.virustotal.com/gui/file/4c52abff5124e2f083461359f36f0e80cf278124175c513a2219c7e2bbb403ca/detection

4nmb2f.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/a0028ba2c7d5692b05291ab737ae30afe27db4c70221ffde0c987c3ce6f44de4/detection

rzbk.puanp.ru
univialan.xyz

# Reference: https://www.virustotal.com/gui/file/50c123fb7a5375bdefa79954ea6004557ab44a5cc4539a44b4ec0781998ec279/detection

45.142.214.15:35200

# Reference: https://www.virustotal.com/gui/file/c3a9fbfdac63bd430d676fd00b17e0b8594bc6d0e65d4961abc011485bc791a6/detection
# Reference: https://www.virustotal.com/gui/file/b3f6769773249be4fc2099e0c49cbf4f338e871764f98cfbaac393476318efdd/detection

139.180.146.6:1524
http://139.180.146.6
w1azp.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/9850bb21544a0375948ab304014fbad4d3a9bbd7289c5ca42de9447298ff8bce/detection

piterpakrework.info

# Reference: https://www.virustotal.com/gui/file/c5a2167d4f12dc79ff66922a7e831220238e787f98386cc1c813ac05a5de37ad/detection

http://87.251.71.88
7qxlq4x.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/3918fafd28e4bc2e79d4c2c3813c930a29d7d547a601c755c1d92331dea32303/detection

185.144.29.169:4898
ni0.puanp.ru

# Reference: https://www.virustotal.com/gui/file/ecfccb38dafd7a68787fba8bec49fa35cf8ea0a6b05b86acc7d1bc3b1338696f/detection
# Reference: https://www.virustotal.com/gui/file/7f9a8d9625a8cc588517f5d1e460b85db1ba571b3b5e8291dff141b77194de07/detection

138.124.180.175:35200
52p666a.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/4f210f1d93df30ac3aadce50e30505efc0bf2e60ee86048a5cc8ad062dd90dad/detection

htpdi.ru

# Reference: https://www.virustotal.com/gui/file/88cc6bfc643dedc34cb9fccd86f0cea599824b2b2095eb3596562e708fb78f36/detection

45.144.29.87:1195
o23.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/4f47e4807dcac7a4937c7965b35de917b0615e79698d8246806b3d34bf42058f/detection

168.119.121.41:35200
5.252.194.139:35200
j1118490.myjino.ru

# Reference: https://www.virustotal.com/gui/file/294a004c549914c140983de8717d053e0637994bd08c1763820d6d9a21f1fce1/detection

gc.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/9d9bd21d06e78c427c294410a7799ce6a058b4c5230b55669fb7f83af273c6ab/detection

http://93.115.20.250
1ioax6.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/08a123f5a2182eeafb1fd72cfb659e959d78e9222a63c9ef84ed62e2753052ec/detection

8evknfk.puanp.ru

# Reference: https://www.virustotal.com/gui/file/0773af8db04a5c0d400f13a6d0f7d071fc3b82b93d6b099cd4b7c3f3708f056c/detection

3bvmyz.subbir.ru
yoreanan.xyz

# Reference: https://www.virustotal.com/gui/file/59556af8b735f061c760947644536940b0a4c88a5af608bf4cdad28e234c8f83/detection

72ac38q.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/1306b4761ccf503919cdda75b4360f25c5b68f664c404b766740114fc9b7dc85/detection

udp3.puanp.ru

# Reference: https://www.virustotal.com/gui/file/08eb269d6c3bfaf4d3cde53a987e0adc96a171235d3c34e3c6e9422920e793dd/detection

http://185.153.198.13
rgvq.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/50c123fb7a5375bdefa79954ea6004557ab44a5cc4539a44b4ec0781998ec279/detection

4wqk49.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/f7dbd623d406d873ce55897d7ac498d5d4a1d6ea21977b9fa6c5706304b9ed00/detection

4jmxoa.subbir.ru

# Reference: https://www.virustotal.com/gui/file/c03873769ea8145738ec2c73fb8210f4cfe5d24ece2f62184ae18b86d67c057c/detection

135.181.170.172:35200

# Reference: https://www.virustotal.com/gui/file/be63c5b03643c69c93022467c742f41748e42ab93bfc81c41856729ceb71554e/detection

qqu2.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/1275562d0649464260ad7346739d6e006fbf0556fb829d42800e088ad3b64b45/detection

f7.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/07131d1d78e385d8f41ecaf56cc69fdb29bbfa171c7785b00489c9f9c25599e3/detection

2.56.214.31:35200

# Reference: https://www.virustotal.com/gui/file/e7111acd60f1fbe98eac7e7ff9215b34758257a9badf2fe02ce8d39a1d0a3b73/detection

c.subbir.ru
jx.puanp.ru

# Reference: https://www.virustotal.com/gui/file/d9ccd4ee8088ff64bff8589070ca44905754da2707c0afb9de753d9d38fd6f9c/detection

95.181.155.204:35253
a.puanp.ru

# Reference: https://www.virustotal.com/gui/file/01062222fcf001cc384406df80713d0b1b98daf2d22e8e362489a6949210ffd4/detection

8ogmcq6.puanp.ru

# Reference: https://www.virustotal.com/gui/file/f2bd72ba73945d222c4926b283989470496b401e5710a1648f9f56ab7986492e/detection

c.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/804f3fdb4418931a6d012454ec03223ef5d790a23b12178da818ac67518b45bb/detection

94.177.123.237:35200
http://94.177.123.237

# Reference: https://www.virustotal.com/gui/file/2d2a494f761dcc19ea6b436879c11a9cd5ab04278b227136a7400ab0e41be743/detection

168.119.153.70:35200
http://168.119.153.70

# Reference: https://www.virustotal.com/gui/file/3b29fba829ff5dd4302df9677afe95834aed420a3ab55ef3c2af073017baef32/detection

159.69.35.97:35200
94sb341.subbir.ru

# Reference: https://www.virustotal.com/gui/file/28b42afa0f57a32f9570b828c78816904e30c2c9fe375245d7a4697f9fc00976/detection

188.119.112.47:35200
uv5l0.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/21c532b3140b7141251e85c65f4570dd9e4734c539f895638cab18dbf44e81f4/detection

j1118489.myjino.ru

# Reference: https://www.virustotal.com/gui/file/1df8267dd9ce51b8ccf14a1e06ff7b592e5530e711691d472c927034c46e4eca/detection

hf.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/3280540ae8b952dcb6d6ae152296c8f16f7d623490de7d6903dd400c346b1823/detection

http://45.67.228.250
29zghs.subbir.ru

# Reference: https://www.virustotal.com/gui/file/9fd9e221b5df01d174146d0a88f66600370216ac3d88fb6db8a3639d16d09d0d/detection

188.119.112.224:2581

# Reference: https://www.virustotal.com/gui/file/9901d2a24460508bd010bf1944727516ffb308c28a1efea12fe63e72acaf9cd2/detection

http://95.181.155.204
6srudc7.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/a1e3d4da3cc10b983697f02d2184e060998026c55fbf9e4b5afbb77cbc77ba2d/detection
# Reference: https://www.virustotal.com/gui/file/145bae0149a58edee8a8254ff3ac9a6d4b2ccb59b78c1b9cf53dd31fa7c24113/detection

45.150.67.34:35200
http://45.150.67.34
9brv2vd.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/ce7a10844b3230e848410c58ed5e71309b3cb6b35df648cef4dd787436fc0189/detection

kcj.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/2108a24632f3c3c9cf7ec40bfd020dca9affa6d0aca41d2e76a80d167c0923f1/detection

g5.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/9eb28569e5108dc54581385ba4f7dc90ddffc6e53ee1940ef6546b827319b4dc/detection

79cfu0n.puanp.ru

# Reference: https://www.virustotal.com/gui/file/bc83115007b82b120ab3371136658e2bff388ffe6f54471b44d172ce605ba058/detection

188.119.113.20:35200
http://188.119.113.20

# Reference: https://www.virustotal.com/gui/file/f5115ca7397b49441a77cea1dafabd849971d41ed0e0f60f6fe4ccc26d5b4868/detection
# Reference: https://www.virustotal.com/gui/file/c0d04f87398a9af33e156813ce38572a447ec1999440bde836a605510e2c83a1/detection

135.181.111.110:35200
45.144.29.58:1195
http://45.144.29.58

# Reference: https://www.virustotal.com/gui/file/5c399d5ff7178119a6b3fc3fa597cf7af8f0596517470a42434683574bf5d99d/detection

49.12.79.198:35253
http://49.12.79.198
is.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/f5998c484f87463cc04aaa8ced6b548863d52b95b471b73edcddf54b32333d56/detection

185.107.237.53:35253
http://185.107.237.53

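# Reference: https://www.virustotal.com/gui/file/100e040d5cff64538d4a787561042383c68438502632dd1a44433196fd4f8496/detection
# Note: 2.56.214.31:35200 is also listed earlier in this file under a different sample. This repeat records a second sample using the same endpoint, not a new indicator.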

2.56.214.31:35200

# Reference: https://www.virustotal.com/gui/file/b2031f84e618d24377831cfe2639e9bc979f0de22f7dd8d3a30575e0eb3e7a25/detection

7lls84p.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/9409ca81b94b456d58c5d7221f7e63d56c6138dae8259a605423fdac7c8e111f/detection

tallipere.xyz

# Reference: https://www.virustotal.com/gui/file/e5e31dc2eabf77b13a496b0abab78e285ae11eb94f7afc71224c559ef59e5fd2/detection

zr29n.subbir.ru

# Reference: https://www.virustotal.com/gui/file/f435aa6b2acbabae5380c5a7be7680567e06e2a7617cd557f11f5896b64f66a9/detection

45.139.236.16:35200
wuqrx.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/8825eebf3e19804f89d438aa971ccf8335cb70724e76057c70f0a5cc3257d72c/detection

npe0.ibidazn.ru

# Reference: https://www.virustotal.com/gui/file/41885c175733f5df1372a3f8812c3e66db547bc6efbc91e3e92dc3df4da7e6ba/detection
# Reference: https://www.virustotal.com/gui/ip-address/94.140.115.156/relations

mardarem.xyz
qileilaro.xyz

# Reference: https://www.virustotal.com/gui/file/519d1f80db167258cb18fbf2780c2a063ce08b362fb321b2e43d0e21337f605b/detection

s7cd.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/a0e6eb32d87b13bfadae56c82e41444d03e92dd882d0693edc38f40410d61601/detection

5scblnq.puanp.ru

# Reference: https://www.virustotal.com/gui/file/c8612c9da44cf8f88062150bace1aa6787dcecebc125856fe061b87307284b11/detection

mxq.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/38ff2e34e7b48b137c10cc985556d1be8f566f4252fa73e2a316c9584e55c92e/detection

j1118491.myjino.ru

# Reference: https://www.virustotal.com/gui/file/09eb0f2a3a32f28887a5438ff400c263e2247b6af78f73df809b40e3bdbc62c6/detection

z4xvw.subbir.ru

# Reference: https://www.virustotal.com/gui/file/250fa44d69942d88c917832591ef2d53e5942117dbc78c4bc49ee1032da25cf0/detection

9yvt40h.subbir.ru

# Reference: https://www.virustotal.com/gui/file/9d97472dc6349edf41e235de9e45beda91afc7fe493e0bdb39a2cd619f4937e9/detection

pg0.subbir.ru

# Reference: https://www.virustotal.com/gui/file/d40a3ec4da61672c31927b65f7829386154d5d9d3122367fec90c9a7edb7ee5d/detection
# Reference: https://www.virustotal.com/gui/file/0eb70fd1476d81dcf01cef53f0cc4f6eb2718c86722eb8a08667f929a8254430/detection

149.3.170.231:35253
173.243.112.96:35253
185.153.198.26:35253
23.95.85.239:35253
redline957.duckdns.org

# Reference: https://twitter.com/makflwana/status/1339732100497326080
# Reference: https://www.virustotal.com/gui/file/6dcb770e16f75716f0b123ebd34b68f6dd98aaa0ab7b4ec0a87461ff16fcdfba/detection

45.84.0.210:27018

# Reference: https://www.virustotal.com/gui/file/e205cb41d5af00b327b7fbc6112ccc6bda75b71ea68d6016050c3228e4955ce8/detection

86.106.181.211:35200
sl0a.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/bc7025907debe969af97397a7e8cf7d3032f2a51873e1a550b17361f74b691aa/detection

j4l.nonakadde.ru

# Reference: https://www.virustotal.com/gui/file/b42b33ffa4b45bc81b71f13d89dc1283b155204913aa8362e99e9aa44366bfb2/detection

173.234.155.143:35253
185.238.171.69:35200
03rdk6.kayumina.ru
addstar.site
p4lq.ibidazn.ru
xp5v87.ahanuna.ru

# Reference: https://www.virustotal.com/gui/file/90dd420c2d134eed9cbec83d1754eb2ec7d9f675108c288222214890d5062945/detection

p361.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/c2fd177d37562389c5360914d8674750d0e20986d57e4437073eb7a51b6fa8e1/detection

ncm.holditbb.ru

# Reference: https://app.any.run/tasks/d6bb5728-7992-492c-a3c0-3fd3fc5575bd/

168.119.126.136:35200

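# Reference: https://www.virustotal.com/gui/file/90dd420c2d134eed9cbec83d1754eb2ec7d9f675108c288222214890d5062945/detection
# Note: this sample and p361.htpdi.ru already appear earlier in this file. Only venepahu.xyz is new in this group.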

p361.htpdi.ru
venepahu.xyz

# Reference: https://www.virustotal.com/gui/file/1f45245431fe82ce18d68f81e3cc6619e9190ae03f869dbd14dbabf5a0df2346/detection

193.38.54.44:6677

# Reference: https://www.virustotal.com/gui/file/3729cc0e9183d4e4e6e7c9b82311538cc4357e35f817c32791131cc62a32ae1a/detection

3.250.34.72:35200

# Reference: https://www.virustotal.com/gui/file/d048781928e542d4e2a1926a38088c53e45282f350bbd3ddec5bb02fa5c4f20d/detection

http://195.88.209.205
195.88.209.205:35200

# Reference: https://www.virustotal.com/gui/file/ed8fcc8188b4cdc148f4c4ba02572f1fa0d96ffda5ab4f6933d1611be190bd20/detection

http://45.67.228.85
185.140.53.37:1900

# Reference: https://www.virustotal.com/gui/file/c86ceb78c8aa8ecb5e96f7d44a8c593ef2c310102189366d4c0d35e80c0115c9/detection

dovakl.xyz

# Reference: https://www.virustotal.com/gui/file/c277d8c504ae1630a12647c17febacdeec9b945e6c0dd3de13d77e1b19e152f8/detection

80.209.229.192:35253

# Reference: https://www.virustotal.com/gui/file/3d38447751fa697d5555d6105dae910095a2d707d3cbafe74e1b5fedc320ea02/detection

http://138.124.180.103
138.124.180.103:6677

# Reference: https://www.virustotal.com/gui/file/6562d614d287aa4a3ae744b8e7b369a83f98186341bad59115362f6547662b87/detection

45.150.67.47:35200
5.252.194.139:35253
5.61.48.187:35200

# Reference: https://www.virustotal.com/gui/file/7cd263c6c0cfc519ded0b5d4a81611c1a705d7306644ac136af244ba49e039e8/detection

http://138.124.180.103
138.124.180.103:6677

# Reference: https://www.virustotal.com/gui/file/a184c16338fac42c9252dd633adc8998d3807c2b0a6ec092f5236d0f672ff6e4/detection

http://147.78.67.95
http://195.88.209.205
147.78.67.95:35200
195.88.209.205:35200

# Reference: https://www.virustotal.com/gui/file/b7a16329d7ca5a5ff38f6d424b426f33a29e1fff8490016530a7433134b391f6/detection

147.78.67.95:35200
185.248.100.191:35200
5.252.194.139:35200

# Reference: https://www.virustotal.com/gui/file/6efa18e06585b385b74ad9805626c5a2111ccf84cfbc671c570aed1063aaee62/detection

http://185.153.198.36
185.248.101.89:35200

# Reference: https://app.any.run/tasks/8071b4b6-d714-451c-974d-7408ede5c189/

95.217.250.25:3074

# Reference: https://app.any.run/tasks/4b0b368a-f358-4319-b2d8-2e73038292f2/

bilirtylo.xyz

# Reference: https://app.any.run/tasks/400b4c57-3456-4fd5-8cca-39c932931679/

gysmetze.xyz

# Reference: https://app.any.run/tasks/17f4822f-1458-402c-8bae-bacf0407351b/

45.147.230.79:35200

# Reference: https://twitter.com/JAMESWT_MHT/status/1357636864157634560
# Reference: https://pastebin.com/huuZNhcH

45.33.89.196:81
45.67.231.50:81
178.20.40.83:81
185.250.149.233:81

# Reference: https://otx.alienvault.com/pulse/601fd7724f7fa4e61de64741
# Reference: https://www.virustotal.com/gui/file/2fef5d56e1f31582e1d6f1693634c29e42f7ba5ff2997f4f7ec6704388559439/detection
# Reference: https://www.virustotal.com/gui/file/999c372086c7675936d59a123a2dfafa6e4be906e62950126bc2bb0234c43413/detection

19cdd.utsukushikaini.ru
orinenia.xyz

# Reference: https://www.virustotal.com/gui/file/21111940eab18ef660752aa518f6eecc95ee454a6af69b8809f0880d921b1f8e/detection

wornegmot.top

# Reference: https://app.any.run/tasks/1815006b-c425-426f-85cd-7049d7ab9906/

86.106.181.38:3214
2ke9e.uxurani.ru

# Reference: https://twitter.com/wato_dn/status/1362322209868505090

94.103.85.106:35200

# Reference: https://www.virustotal.com/gui/file/cc9f19572d3f795d0c8ef6b27637b14ff8045b7e39874b1cab13069d9c71d9ba/detection

http://178.20.44.143
178.20.44.143:3214
t0hb.uxurani.ru

# Reference: https://www.virustotal.com/gui/file/7b104a5471795edee469e975818adbe98e0bd5077269c62eba6720dfc36079aa/detection

45.140.147.121:3214

# Reference: https://www.virustotal.com/gui/file/faec65d1f24b2d1274db5a3039d58b66b2d97b9483ea9fe4a247a286c31f9e7d/detection

http://185.234.247.197
185.234.247.197:3214
v42.sldov.ru

# Reference: https://www.virustotal.com/gui/file/42a729ad71e53fdaf3827364a3ffe8398e78489d62b9bcd5c5f2d25d286b6f58/detection

45.153.186.104:3214
c.sldov.ru

# Reference: https://www.virustotal.com/gui/file/99248a018982e114235573812d225d219a2a14038bb857e963e1d23ae8d7e9cd/detection

45.145.185.127:3214
e.sldov.ru

# Reference: https://www.virustotal.com/gui/file/ce3b3f21f9673c5cf0c3925e6eb9532fe34aad9555c8057eece9e5ea29e1ae20/detection

45.67.231.58:3214
j5.sldov.ru

# Reference: https://www.virustotal.com/gui/file/a14fb42ce0bb182cfbaf6319ae29a96c81ba4ac195cba646ad899f63085e205c/detection

2.56.214.103:3214
vbi.sldov.ru

# Reference: https://www.virustotal.com/gui/file/1276508d3f174cd89e0c35054ab8bf79581b83c821a36c5958b6071d1835872a/detection

80.92.206.118:3214
pp.sldov.ru

# Reference: https://www.virustotal.com/gui/file/e401a949ac7801d662b4f05acb3dc55e604de12632f032c6efecbc607a848ba9/detection

http://80.92.206.118
80.92.206.118:3214
s6g.sldov.ru

# Reference: https://www.virustotal.com/gui/file/c7114a36aa57968aab7329de0ce98f1882a26afd6ee7d99d774f5821f80dc7a8/detection

http://86.105.252.250
86.105.252.250:3214
op.sldov.ru

# Reference: https://www.virustotal.com/gui/file/cbd5572a46685f16c81aa1c1b738ec7f8ace9069d9debe93de76bfad16f4d96e/detection

1m12.sldov.ru

# Reference: https://www.virustotal.com/gui/file/38e9eda271a1bbf27d7486fb5ebf88da22a92711ffb19a43b9519e512c336252/detection

87.251.71.103:3214
0cl.sldov.ru
5ur9mv.asubeshi.ru

# Reference: https://blog.talosintelligence.com/2021/02/threat-roundup-0212-0219.html (# Win.Packed.RedLine-9831330-0)

jelonaki.xyz
kapesteis.xyz
ronamei.club

# Reference: https://www.virustotal.com/gui/file/622355bac67fa35d2367c93ef6491e2baaf4c2ff8a8ed75ab23ca25ceeba4b6b/detection

37.252.5.213:6677
zmjj.doshofater.ru

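# Reference: https://www.virustotal.com/gui/file/7c8b8fe872d1c7ea1edd0f808c08b0d61d5c5599461695f486b661730607570a/detection
# Note: the two :43 entries below are on the WHOIS port (TCP/43), so they are more likely lookup traffic recorded during the sample run than C2. 192.0.32.59 appears to sit in ICANN/IANA address space. Verify both before alerting or blocking on them.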

http://45.67.230.60
172.104.79.63:43
192.0.32.59:43
45.67.230.60:3214

# Reference: https://www.virustotal.com/gui/file/fd2086abf2e433332ee2cd656d6899c08e0d1555eda59c90f6670f8e2378334a/detection

40.124.50.181:3214
redcompo.hopto.org

# Reference: https://www.virustotal.com/gui/file/9e81297c900c7ea07b188d31e34317fcd8431271e49f17660a11130b60cbd079/detection

hasgtxbb.000webhostapp.com

# Reference: https://app.any.run/tasks/5fdcec5f-c7b8-4660-b39f-3f29defdd310/

94.232.44.45:35200

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1365772605337272321
# Reference: https://app.any.run/tasks/6dbdd571-570d-46ce-afa9-be31243bcfb3/

87.251.71.75:3214

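# Reference: https://www.virustotal.com/gui/file/291fb9999009b5cb5e1ce39a6c58472291cdaaaeeea56beb6a4d0b7925574dca/detection
# Note: 104.21.17.169 falls in Cloudflare's published range (104.16.0.0/13), so it is a shared edge address that may front unrelated sites. The domain below is the more specific indicator.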

104.21.17.169:8880
voditelaux.icu

# Reference: https://twitter.com/1ZRR4H/status/1367948254944628736
# Reference: https://app.any.run/tasks/c4f3ae95-c384-4f97-abf0-570e70b73310/

80.89.224.252:3214

# Reference: https://app.any.run/tasks/2ce79039-efc9-44b6-8774-2e63aec21979/

95.181.172.238:3214

# Reference: https://twitter.com/pmmkowalczyk/status/1369670369829879810

denverbbq.net
gellyoema.xyz

# Reference: https://twitter.com/pmmkowalczyk/status/1370119344647249920

2xkgoj5b.nakadesh.ru
uhuua.ru

# Reference: https://twitter.com/pmmkowalczyk/status/1370800929558118405
# Reference: https://www.virustotal.com/gui/file/a19778657179c0a74cf22e6cefbd26dee57e6b65e552a50899f5172b0c9a74f4/detection

80.92.206.135:4264

# Reference: https://www.virustotal.com/gui/file/5916b4cb77fa0d3c53675210a85fc7058724c345e75b9c6427d2b8f0dd19394b/detection

185.4.64.199:6677

# Reference: https://www.virustotal.com/gui/file/32bd47f74329daa79e785f109d8351f7596659c3fdade6589ec5ae90b77d29fb/detection

ii.alabamasan.ru

# Reference: https://www.virustotal.com/gui/file/4071fddbbcd1201ca71328e9266fd1d63c80964503da17bc1cc69f9711103cd6/detection

lk.alabamasan.ru

# Reference: https://www.virustotal.com/gui/file/ddea6c32fbea5f2488e4a30cee1da96785e5dc8b1e5a6abe1a934862d556caee/detection

93.115.21.231:6677
f.saithingware.ru
jf.watashinonegai.ru
kt.saithingware.ru

# Reference: https://www.virustotal.com/gui/file/c1a7366f706c6a1800ce81399ffce1f042dddba1c8244fd679c9ce95d08ddde2/detection

195.161.114.43:6677
5ymk2w.amatiftp.ru
j8.watashinonegai.ru

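# Reference: https://www.virustotal.com/gui/file/cd4bae9ff7319757829d451ef8f4c5ed56a49e5d32131e2b591c4202993451db/detection
# Note: the 104.18.x.x and 104.24.x.x entries below fall in Cloudflare's published ranges (104.16.0.0/13, 104.24.0.0/14). They are shared edge addresses, not the origin host, so expect collisions with unrelated tenants and give more weight to the domains in this group.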

104.18.52.215:6677
104.18.53.215:6677
104.24.124.192:6677
104.24.125.192:6677
194.67.71.52:6677
45.132.106.75:6677
andichust.ru
promo-usa.info

# Reference: https://www.virustotal.com/gui/file/f3b17d8e503d10d4aa35dd1832aab470d7edc629d3c4affad27a6f6ca54e01b0/detection

j1065947.myjino.ru
usa-load.info

# Reference: https://www.virustotal.com/gui/file/74ab7b0f07de3de8583448c6cc24b2ca14f649190dae8cf1b759c6141fd9a902/detection

qci.haudireadyfi.ru

# Reference: https://www.virustotal.com/gui/file/c027c1ae371596fff5baa6fc7da0d25281b031a4ab1e8209578e3c18dc97d2c7/detection

t41iu.justcankillthepain.ru

# Reference: https://www.virustotal.com/gui/file/0ddd7d646dfb1a2220c5b3827c8190f7ab8d7398bbc2c612a34846a0d38fb32b/detection

66.206.18.186:6677

# Reference: https://www.virustotal.com/gui/file/2e99c313e0c650e1550099cda6493a1896741c8ca294b201d2f2edd5238cdb7a/detection

213.166.69.6:7779
45.132.106.75:7779
95mxtw.kseignait.ru

# Reference: https://www.virustotal.com/gui/file/4aebd2918942c4d01076cd9cb47402c5b8c61e14e86a397488d1abc2e444d626/detection

ri4m.justcankillthepain.ru

# Reference: https://www.virustotal.com/gui/file/10cccfc51b88898e64d5df015f8ee2c1d4815d174ad30599aaa7c89090882bcf/detection

h1.iwakalong.ru

# Reference: https://twitter.com/4chr4f2/status/1378196386529865730
# Reference: https://app.any.run/tasks/cb9e66fb-f03b-415e-93ca-c10fdd23f941/

51.195.108.215:40355
85.208.186.172:8080

# Reference: https://twitter.com/ANeilan/status/1381605134115954691
# Reference: https://twitter.com/ffforward/status/1381610525260451846
# Reference: https://www.virustotal.com/gui/file/7a7faa8e5954aa27f3d16454c25cf86af9cf20434f98f4db3479d22132c0f57b/detection

joinclub-house.site

# Reference: https://www.virustotal.com/gui/file/b26a0f386cacda560b3e32d60144e5570fd87c809ed06a237708f72782c8d6cf/detection

git4you.ru

# Reference: https://twitter.com/dubstard/status/1387781798353068039

bincoinbot.com

# Reference: https://tria.ge/210507-5gm7t8k8ds

77.232.41.231:43981

# Reference: https://www.virustotal.com/gui/file/8d730630389f403985ddbff2c9617c9b9ca9fd4ad0c9ee5d9fceeecc44356340/detection

http://157.90.162.135
157.90.162.135:35200

# Reference: https://www.virustotal.com/gui/file/29b9058449c81cf5aaa57316c620d80a48e2161d583c6e9351b8c44899315505/detection
# Reference: https://www.virustotal.com/gui/file/25214117747d585b843f9eb5e135fd31feb88898bfef69b184f9bd4fcbc7d5d3/detection

http://185.234.247.183
185.234.247.183:3214

# Reference: https://www.virustotal.com/gui/file/0e23f525007e9be46b85d1c6dacb16579c8555221867eee619f3f5f0f5ae660e/detection

http://188.119.112.16
188.119.112.16:29931

# Reference: https://www.virustotal.com/gui/file/90a6fcc18a558a9599d8377cbde14d14e4af078e920dd182bf0a46cb88bbba4e/detection

http://188.165.156.214
188.165.156.214:65356

# Reference: https://www.virustotal.com/gui/file/fe28808f8b07b484ff987a1ccc2f187857139e84d58dfbbb8004ce29f21bf1ea/detection

http://195.2.84.82
195.2.84.82:56801

# Reference: https://www.virustotal.com/gui/file/e82f3b7b3794a2db65698a2723511e3f8df217fc4b99de215246f8f77529a602/detection

http://199.195.251.96
199.195.251.96:43073

# Reference: https://www.virustotal.com/gui/file/b5e9f31e9150c4530dba7fa1d830fdc736ab939aecd563332e0856c7041f3de7/detection

http://213.166.71.146
213.166.71.146:30027

# Reference: https://www.virustotal.com/gui/file/b35472ac451e4923a094af8eaa687656c1f6576f7655655c877e98c0fa9c7709/detection

http://3.120.134.248
3.120.134.248:65368

# Reference: https://www.virustotal.com/gui/file/f6a21f38fcaf4a5d6e47bfa62f2293b025eac7179b63a4fde24ea14594a040a5/detection

http://45.140.146.151
45.140.146.151:40355

# Reference: https://www.virustotal.com/gui/file/36fe71c3af87bcc22aee5e1df862f664d68608620affb4a5a8f4ba21342561a5/detection

http://45.67.231.8
45.67.231.8:3403
9mw9.magicnow24.ru

# Reference: https://www.virustotal.com/gui/file/3a82ff19205ac49b150cd26c622c96eaaec0d80cedea5a9d6e2d523cad7f5622/detection

http://87.251.71.153
45.67.228.131:9603
gameshome.xyz
holdingfr0nts.xyz
j1155411.myjino.ru
news-systems.xyz
sthellete.xyz

# Reference: https://www.virustotal.com/gui/ip-address/45.153.184.71/relations

wispdocweb.xyz

# Reference: https://www.virustotal.com/gui/file/015d8ec1d116d36ff3c99b510528b3798e9c82337550b4efa2394dd6c0aae972/detection

http://45.90.46.164
45.90.46.164:54557

# Reference: https://www.virustotal.com/gui/file/25681de7e02857c21c6d3ffed80354333751a7fc7c3a07b8ae7be45c93307ab2/detection

45.138.157.149:21502
49.12.13.16:55953

# Reference: https://www.virustotal.com/gui/file/2702d43f54c385a12f7a24754c0530fe3b18d64a98878fc2ff9c3b13aef03f20/detection

http://5.188.118.35
5.188.118.35:19651

# Reference: https://www.virustotal.com/gui/file/2e40b603ecab881a303288ea4a6a0d7441a3bd897eefe6573e6140f037559f5c/detection

http://52.14.161.64
52.14.161.64:25486

# Reference: https://www.virustotal.com/gui/file/c22f6d1356f9ab62f87e9dab44673bb3fdb7a225f63042f55c3682f46006260e/detection

http://77.232.41.231
77.232.41.231:43981

# Reference: https://www.virustotal.com/gui/file/0a30ff3094e25dcc431dc3b4c7df1a83ac8a35a66c0c38e644ce0b89437b5747/detection

http://80.92.204.95
80.92.204.95:59766
7x8x.purplecafe.ru

# Reference: https://www.virustotal.com/gui/file/e8a22cc13143b1e542e6789290452ed883ad070eb987146f656db78f0b7cbbe0/detection

http://80.92.206.128

# Reference: https://www.virustotal.com/gui/file/841a86c4312c091a4ee4d5ef5a976ffd63d082da363591b60df4bfe2680efa22/detection

http://86.105.252.237
86.105.252.237:17660

# Reference: https://www.virustotal.com/gui/file/c846d8d913f6365c146beae5e70cde269256db120c6f2bf7d550fef7e9844601/detection

http://86.107.197.8
86.107.197.8:38214

# Reference: https://www.virustotal.com/gui/file/7c7cff0a48bcfe565fb02e3a39087ce2ad56d5b1c57b229f2d0142f41b7ab191/detection

http://87.251.71.193
87.251.71.193:20119

# Reference: https://www.virustotal.com/gui/file/83422a63a67f69382eb8b0770a89d1841b43aac04beb7ae14429d35ce4b77a3f/detection

93.115.21.41:50755

# Reference: https://www.virustotal.com/gui/file/5691e44d8eb881544b9f440ef473d5b526e55af8f7d299a0aa263711572a5ee9/detection

dylarache.site

# Reference: https://www.virustotal.com/gui/file/ab927ea11fbf644738e3423423850de3100dc0d2b3c120ea71ae9823bf7742e5/detection

qurernenail.xyz

# Reference: https://www.virustotal.com/gui/file/6cae92665b23b4bccccd25fad925b745ad83e700b1775a6cabae079b5741accd/detection

byrunkrntyj.xyz

# Reference: https://www.virustotal.com/gui/file/41d0f4c47ed4745ef6fb196273873f5e8092baf18f05075452efead370ec23a4/detection

9a1o.ogmassive.ru

# Reference: https://www.virustotal.com/gui/file/8a7d98508e448ab8150540c6e0ca4559c308f5bba4a6bb64e2d4d416232ccfc9/detection

nd.git4you.ru

# Reference: https://www.virustotal.com/gui/file/15509eb0045271635c94808f8291b4a0a55e1be0a78296315ec67201ccf2ab01/detection

http://87.251.71.204

# Reference: https://www.virustotal.com/gui/file/d8caecf9a341e1f5cb2ca90a648d0792cfe654afe2d38fa7c4a26d73aff885c6/detection

http://87.251.71.62
y4y.ogmassive.ru

# Reference: https://www.virustotal.com/gui/file/e8c658ac0bb00a2a8c7c6f30da580823e383eaf907cde6dcc0b962d7e653199e/detection

95.181.152.183:15785
s8v.purplecafe.ru

# Reference: https://www.virustotal.com/gui/file/3aca76d7bdd23aa701fffa2994e4b9438439056ad0317b78f6c7251b3fb9f2c5/detection

95.181.152.183:31019

# Reference: https://twitter.com/dark0pcodes/status/1390720778711207938
# Reference: https://pastebin.com/ErqXq4er

21jhss.club
crownnest.cyou
erherst.ml
gooutdayblog.info
ierinapu.xyz
kystearlar.xyz
lazerprojekt.store
nshoreyle.xyz
phelammi.xyz
qusenero.xyz
redline957.duckdns.org
redworksite.info
sthellete.xyz
styonorong.xyz
ureltodwie.xyz
wiseroniee.xyz
ynnnzonie.xyz

# Reference: https://www.virustotal.com/gui/file/521e6ab3da29cda2fc6399ac88289ed9762577ff4e9742a56ec89bf4521be6c1/detection

109.234.38.124:35200

# Reference: https://tria.ge/210510-cdf8nml7an/behavioral1
# Reference: https://www.virustotal.com/gui/ip-address/185.82.219.104/relations

astulpiagi.xyz
wnyalvene.xyz
zastaredan.xyz

# Reference: https://www.virustotal.com/gui/file/98d31fa6f8f9b5bc7db0bc77ab6f5b411880d3d1994db29ecba3696f079225d8/detection

fastboomerzoomer.top

# Reference: https://www.virustotal.com/gui/file/6f26456f887bb2cd91337242a58fb3d9d189b578fc0ce59aed9d2d2feae53637/detection

185.215.113.54:62132

# Reference: https://www.virustotal.com/gui/file/dbfc0f6a14532b867334b38aa4789fe1da4267c72955f89e00811392df0bd42a/detection

http://51.254.187.177
51.254.187.177:3705
mm.hellomir.ru
ucf.hyperfast.ru

# Reference: https://www.virustotal.com/gui/file/8d46e1ef94efbf4fd8d36dfb36d68d6ba36c436b3fe480118ef1a2828acc3b2d/detection

135.181.170.169:50845

# Reference: https://www.virustotal.com/gui/file/a9d7457834c3b27e451d027c0242f23cdd61f3c1b9c496d010e0693d0b15f225/detection

profi-max.info

# Reference: https://twitter.com/1ZRR4H/status/1395851977691705352

updatedefender.online

# Reference: https://tria.ge/210525-49cwzpzfaa/behavioral1

innaynelar.xyz

# Reference: https://www.virustotal.com/gui/file/bf9be8425f9523539e9fadbd7b96ced4fc65eaabb1006996a6974c6da8041a7e/detection

jelliousbra1n.xyz
powerins3rts.xyz

# Reference: https://www.virustotal.com/gui/file/96b6705d251bb18c5f6ccbc0f4dc667023fb7100d5e6ff775c6bb4b9c84b66a5/detection

j1155410.myjino.ru

# Reference: https://blog.morphisec.com/google-ppc-ads-deliver-redline-taurus-and-mini-redline-infostealers
# Reference: https://otx.alienvault.com/pulse/60b89765d9d4209af982cf7c

109.234.37.201:15647
anydesk-connect.com
anydesk-en-downloads.com
anydesk-go.com
anydesk-new.com
anydesk-one.com
anydesk-pro.com
anydesk-top.com
anydesk-vip.com
pc-whatisapp.com
telegram-home.com
jasafodidei.xyz

# Reference: https://www.virustotal.com/gui/file/a33fba201470062e7411eb129e52102e9ec7150d0d4d46c877aa241d2fef826c/detection

prinega.xyz

# Reference: https://twitter.com/James_inthe_box/status/1402746771512594439
# Reference: https://app.any.run/tasks/4921d1fe-1a14-4bf2-9d27-c443353362a8/

188.68.202.244:46946

# Reference: https://www.virustotal.com/gui/file/a6a1b66e1d7d31bfa37a6a591b30469b71c25a431096a9fc60bd072d7e9b1889/detection

rdesbarile.xyz

# Reference: https://twitter.com/dark0pcodes/status/1403415277413539849
# Reference: https://tria.ge/210611-wver3park2

acanaceous-tripling-cayuga.cc

# Reference: https://www.virustotal.com/gui/file/bb6275b6358d48ab7aeb1a3f54eb12527163210e78154b5f73cec4d23595d3b3/detection

spaceufx.site

# Reference: https://www.virustotal.com/gui/file/f93db670fa4eaa1689858ee523b67e049a461776a4f5ca5eca2fec1e7df971aa/detection

coronttegal.xyz

# Reference: https://www.virustotal.com/gui/file/437d83e73fa880cd7831e3cebb1507fac360f91bb295450128f6e92f078b183c/detection

bukkva.site

# Reference: https://www.virustotal.com/gui/file/f8aa33b99bb248f640363d937986e465239346a7f25f8e8579b92b5c975f38a9/detection

xalemiaind.xyz
pcfixmy-download-13.xyz
videoconvert-download12.xyz

# Reference: https://otx.alienvault.com/pulse/60cddd73ef248acd19c84367

fabrserian.xyz
hiconvanor.xyz
ierinapu.xyz
ralynillalel.xyz
topnewsdesign.xyz
ugeorunnog.xyz

# Reference: https://www.virustotal.com/gui/file/79bbdb8009278ba629dae626b86f4447a81333ef9535e2a9341d5728571e4ae1/detection

leselesp.info
iphonemail.xyz
mazama.xyz
noveysish.xyz

# Reference: https://www.virustotal.com/gui/file/44faa82f7ab6fe3a40a57480504d2f7caf1d20b66656f02840e5ed83a6ad27b3/detection
# Reference: https://www.virustotal.com/gui/file/d54d492167ffb9664d3db2fb35577ef1b1e830fe32c6d786cc461fcf415bc2b0/detection

http://3.15.24.25
3.15.24.25:1026
95.213.144.186:8080
pumpbot.su

# Reference: https://twitter.com/pollo290987/status/1407226717912113154

185.215.113.17:18597

# Reference: https://www.virustotal.com/gui/file/68aab4d5d6d862bbf77cf836e80ea486a14ae11bc32cec46291a32834dd15045/detection

176.111.174.254:56328

# Reference: https://www.virustotal.com/gui/file/730bb47a033579a7b914829c4f0cde8f8ef4ea8fc884c43a1863736f02882d03/detection

87.251.71.195:19388

# Reference: https://www.virustotal.com/gui/file/44c9fd219866b0264b7d29b0c08a5ffae64a51453d0ec3499a1f1dd37245c7ad/detection

http://87.251.71.195
87.251.71.195:11924

# Reference: https://www.virustotal.com/gui/file/fef705b3666606b7acb2c1ded1b7e48a9b9ea0b50c86d0d2ad055a9186f9a90e/detection

r4.hidekad.ru

# Reference: https://www.virustotal.com/gui/file/a39005b1071d391ba53eb623bf17805b144c25475e37a67b6179e76f947577bc/detection

9htz.hiterima.ru

# Reference: https://www.virustotal.com/gui/file/68aab4d5d6d862bbf77cf836e80ea486a14ae11bc32cec46291a32834dd15045/detection

45.139.236.24:63373
87.251.71.195:82

# Reference: https://tria.ge/210623-v3483mttex

185.215.113.50:43919

# Reference: https://tria.ge/210616-1spssdy8ja

185.215.113.15:61506

# Reference: https://tria.ge/210616-2ex5ctlf1a

pupdatastar.store
pupdatastart.store
pupdatastart.tech
pupdatastart.xyz

# Reference: https://blog.talosintelligence.com/2021/07/threat-roundup-0625-0702.html (# Win.Packed.Redline-9874565-0)

jevanerrin.xyz
kathonaror.xyz
rdanoriran.xyz
whatareyousayblog.info

# Reference: https://otx.alienvault.com/pulse/60e0527b25ed2feb559e6a85

dishontesa.xyz
enatuykebe.xyz
fackerty.info
fikerty.info
flamkravmaga.com
idowload.com
ierinapu.xyz
iphonemail.xyz
kanagannne.xyz
qitoshalan.xyz
rdanoriran.xyz
videoconvert-download38.xyz
zedaumalev.xyz

# Reference: https://twitter.com/malware_traffic/status/1412128664721014785

135.181.220.99:17984

# Reference: https://www.virustotal.com/gui/file/ec763b65e400b9caaf560db4f26600251bd0971c7202a799dc7c3ce732a3717b/detection

netoterizi.xyz

# Reference: https://www.virustotal.com/gui/file/0743f2ccfd94143ac06690b2d6e49ca786a91ce7b2b666ac56ee5e36613fb155/detection

download-serv-457965.xyz

# Reference: https://www.virustotal.com/gui/file/7084f1ae45733b1311a449d2a33202b5ca93363755fc6a746b37ed934b8fa9c9/detection

185.197.74.223:15027

# Reference: https://www.virustotal.com/gui/file/fd7221ed30c1e70660968257265500ffd60aea9ae2c85ee887b2608c1eaf2188/detection

server-downl-8831.xyz

# Reference: https://www.virustotal.com/gui/file/65472f390519ddaf64eec69a64c1e8e7821af6592778471e5e6ab63179196525/detection

193.38.54.101:55440

# Reference: https://twitter.com/MBThreatIntel/status/1412864663243476993

3eehj3wdhdhjww3r3dkjd.online
qwerty.3eehj3wdhdhjww3r3dkjd.online

# Reference: https://otx.alienvault.com/pulse/60f175f43f879d8baf8f1f71

krossred957.duckdns.org
sozigylkal.xyz
vinndozhal.xyz

# Reference: https://www.virustotal.com/gui/file/c1a12791e61b56c414d7c2c92ed8bbfd3937e08baa03c0ea35d0abc9a9cc6315/detection

download-serv-632457.xyz

# Reference: https://www.virustotal.com/gui/ip-address/194.135.112.207/relations

name-usa.info
usa01.info

# Reference: https://twitter.com/pollo290987/status/1415937335351463937
# Reference: https://www.virustotal.com/gui/file/7d36df75a91f498cef1d689286d594f6e1e624f42f62b17519001341b4fd3644/detection

46.8.19.177:59851

# Reference: https://twitter.com/pollo290987/status/1415214208682188804
# Reference: https://www.virustotal.com/gui/file/aec23a4e2c4d1430216f3d116d9953cf26034c780001a8c8f14376bb9c5348c5/detection

zasavaucov.xyz

# Reference: https://twitter.com/pollo290987/status/1415213994525220864
# Reference: https://www.virustotal.com/gui/file/a06ae12495bc08221853828fb24d6747892785fe36bf93518d9aa8b41214d5be/detection

qumaranero.xyz

# Reference: https://twitter.com/pollo290987/status/1415213900975456258
# Reference: https://www.virustotal.com/gui/file/42ac10242c8459024000db273da91c0cc345daef7e8cce0d1a5cfd4cf316622e/detection

45.12.213.248:36372

# Reference: https://twitter.com/pollo290987/status/1414857255179202560
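# Reference: https://www.virustotal.com/gui/file/d1e0f6406232cd41da3653897dced70045f5334825925322badf8246a42c9310/detection
# NOTE(review): the entry below differs from 45.12.213.248:36372 in the preceding group only by a missing leading digit - possibly a transcription slip; verify against the reference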

5.12.213.248:36372

# Reference: https://twitter.com/pollo290987/status/1414857242717917185
# Reference: https://www.virustotal.com/gui/file/3ae1b69e9e3ecf474718a0cbf5e92f6edcf61274f9c9c05b7c383fbae9a5cd95/detection

152.228.150.198:11188

# Reference: https://twitter.com/pollo290987/status/1413047834350325760
# Reference: https://www.virustotal.com/gui/file/236020bb910e3cfd1e03bff5722204be40c0739fb6d2954b35c8b02185e37ef6/detection

45.81.227.32:22625

# Reference: https://twitter.com/pollo290987/status/1413047920526512129
# Reference: https://www.virustotal.com/gui/file/9c2554e79b717eca531348c6e0430944ab7288bc46a8d56e2e49898c4b0e59a0/detection

185.203.243.131:27365

# Reference: https://twitter.com/pollo290987/status/1412178528804786178
# Reference: https://www.virustotal.com/gui/file/bf7e9c31991471a7c0f39c35e2d56dde85a80c2558f13e6de5ca8376bb0786cf/detection

91.142.77.198:58996

# Reference: https://twitter.com/pollo290987/status/1411593969155387396
# Reference: https://www.virustotal.com/gui/file/119f9287f46d3ed3888403c3c21054974a0e8926ef247fc065164a8d58303c9c/detection

45.139.236.36:33611

# Reference: https://twitter.com/pollo290987/status/1410945063157440519
# Reference: https://www.virustotal.com/gui/file/263beab6e70eb466a94c431f2484957b662e81f134bc52d77c6f169de8c8ad70/detection

176.111.174.254:56328
flestriche.xyz

# Reference: https://twitter.com/pollo290987/status/1410540829698105346
# Reference: https://www.virustotal.com/gui/file/742ad3be42f5023d4fbd854fa6f1eb80054b94d537aaa32e7d7ae1db6dd6683e/detection

185.215.113.17:18597
qitoshalan.xyz

# Reference: https://ioc.finsin.cl/Output_FINSIN_URL

http://45.142.214.163
http://45.142.214.176
http://81.177.6.55
136.244.68.29:6677
51.195.233.65:6677
80.240.17.235:6677
80.240.19.10:6677
95.179.254.130:6677

# Reference: https://otx.alienvault.com/pulse/60fc01f04b02c7f20109fe28

dwarimlari.xyz
ierinapu.xyz
ieynanerin.xyz
ivaloribar.xyz
pc-updatings.su
zertypelil.xyz

# Reference: https://www.virustotal.com/gui/file/a94a56609fd846b118788f9b003adecbdf47b06380cc9d9af5bd403fc5362941/detection

86.106.181.209:18845

# Reference: https://www.virustotal.com/gui/file/6266bd00d67b3feccd9ed7504ef44708f9594ebc32b83a192a6c719d15fc36dd/detection

135.181.49.56:23519
periatilll.xyz
realminddesign.xyz

# Reference: https://www.virustotal.com/gui/file/68cd8e9066cf01e1cd42f52e82d2820edf692fc8a0c60bda48dccaa2659d631f/detection

kalamaivig.xyz

# Reference: https://www.virustotal.com/gui/file/ae37a5e3c1c495e1ee01ed1682f4abe62cf57abf05be724faf4e5434f44fe8e3/detection

7zip.mobi
7zipd.com
kuskusi.org
weatherwindows.pk

# Reference: https://www.virustotal.com/gui/file/6a5c67e0c4cb743ef58e0b246b34948af254e4ac9c317d38fe285856d83d3479/detection

185.234.247.50:55567

# Reference: https://www.virustotal.com/gui/file/659b32b98b48e30f28ab64f2922d869d26061a6ac8ebbbe33def7c8fc532e27a/detection

http://185.234.247.50

# Reference: https://tria.ge/210726-9lbbrtep2a/behavioral1

185.252.144.65:4545

# Reference: https://www.virustotal.com/gui/file/cae7469e7f5dc88962b9993f4b415a46f60fcaeea494abb53d19b7d05f28525b/detection

185.230.143.16:32115

# Reference: https://www.virustotal.com/gui/file/071231d29a8548be8cb0a8f48a4b23d12e08139fd8dba842781912a11dc7c5f6/detection

liezaphare.xyz
m96942xi.beget.tech
music-sec.xyz

# Reference: https://tria.ge/210731-gcm4f41wwe

185.215.113.114:8887

# Reference: https://www.virustotal.com/gui/file/bf38a6555a9742fc97a6efbb662f2cda03cb5156c22e56417d74c06e4ebecce1/detection

185.234.247.136:47666
193.56.146.22:47861
209.250.252.69:20004
209.250.252.69:7766

# Reference: https://www.virustotal.com/gui/file/f182c0c6dc8944151e340b3cab01c6d0f97740379aff73d6657e8adec651551a/detection

185.65.135.248:58899
nincefcs.xyz
sanctam.net

# Reference: https://twitter.com/Gi7w0rm/status/1422012871219761153

185.241.54.128:47729

# Reference: https://twitter.com/tosscoinwitcher/status/1422262670879727616
# Reference: https://twitter.com/James_inthe_box/status/1422284259344060418
# Reference: https://twitter.com/James_inthe_box/status/1422285451554000903

45.139.236.76:14402
conferencesystems.online
donstop.conferencesystems.online

# Reference: https://otx.alienvault.com/pulse/610930fbde648b4ac9a49179

briaseynan.xyz
vivesemoss.xyz
yonicathal.xyz
oligarph.club

# Reference: https://www.virustotal.com/gui/file/331cc3d388773d341cb6c22a954eb15391b1aea119d8506f3bac8f3205ea21da/detection

http://45.139.236.80
45.139.236.80:44777

# Reference: https://www.virustotal.com/gui/file/61ec948fdf96bc80450b5586384da0cab4090071b3e9467aa8231351d2b63a8a/detection

45.14.12.90:52072

# Reference: https://www.virustotal.com/gui/file/af95ac6f3e41822cea33c8a608bce51ee92cff82f9c95694255f098a057b26fa/detection

http://87.251.71.212
87.251.71.212:13108

# Reference: https://otx.alienvault.com/pulse/610fc871eaacf74c1e72fcff

hiterima.ru
xetadycami.xyz
uwd.hiterima.ru

# Reference: https://www.virustotal.com/gui/file/056fbabfc5c1b05b80bf97999dc4f39d7177c9050a62e3744bfe0841c7c5eeff/detection

185.215.113.81:28578

# Reference: https://www.virustotal.com/gui/file/95129ce014d0264688c32aaddf7707ec591f6be1335f5cd67b44e9983b61da9b/detection

195.2.92.68:81

# Reference: https://www.virustotal.com/gui/file/f70fa1f685a5c1f1bf9f8a52b53efc8de44d197c389aa5604e9fb0af1cfacef8/detection

185.215.113.42:57106

# Reference: https://www.virustotal.com/gui/file/2296c6a8f6c24da6522f3333f14a7082a639fb7aaa7170c584dc22a8fbfc541a/detection

91.142.77.198:58996
n6.rukuday.ru

# Reference: https://www.virustotal.com/gui/file/0a30c9342f1a112408d83c2d9c9ada0e17f387392c17bc799ca2b8dacb5ebf9d/detection

185.215.113.42:81

# Reference: https://www.virustotal.com/gui/file/76739da9af8671f174d1d2af687df094168370c898e17a81b7e275aa2c221f8b/detection

149.28.160.180:2022
korgimakov.myjino.ru

# Reference: https://www.virustotal.com/gui/file/888872e69cdc7c7587ec1234055ae07faa6f2754686f1d4b03d98740e1f43a9c/behavior/VMRay

193.56.146.64:65441

# Reference: https://www.virustotal.com/gui/file/891a3c96ee9866cfd7abdfc03e9e32a5eba1d9aab3bfff0d873bc6efadeb013b/behavior/Microsoft%20Sysinternals

91.243.32.5:3677

# Reference: https://www.virustotal.com/gui/file/c2fdc2f8c1d7bdec5703181aea62329f73bfb1e83c9ff8932b2c1f3f70d1dcea/behavior/Microsoft%20Sysinternals

176.114.9.172:49776

# Reference: https://www.virustotal.com/gui/file/a8f6f145aa078e83be145a4826660471b1f0cc5b17a0a34014e6d7015f7da55a/behavior/C2AE

95.181.152.141:29263
141.94.188.139:43059

# Reference: https://www.virustotal.com/gui/file/c61cee013d70056598c1a4877692e735aca3b9d85345718d9733d29dfa621d11/detection

45.67.231.218:15411

# Reference: https://www.virustotal.com/gui/file/487435d01fc04eba8555aab50d83ef39195f810786da6df4eebb4b88623aba2d/detection

45.67.231.218:7527

# Reference: https://www.virustotal.com/gui/file/eb6e16018bcd8686162d65edc2d687e2a8795ef7124d3a804f395f2c36b0d8f8/detection

komaiasowu.ru
f.komaiasowu.ru

# Reference: https://www.virustotal.com/gui/file/0e7986f9a3dc14736b1bfab4df0fbea6631f3608c677bc38872827c71cd2d310/relations

nariviqusir.xyz

# Reference: https://twitter.com/1ZRR4H/status/1460576019597991946

45.9.20.104:6334

# Reference: https://www.virustotal.com/gui/file/33846db33eecfacdad06479857de23ddf381b74a1ef3fbce2520766dd7c67425/detection
# Reference: https://www.virustotal.com/gui/file/1a8ff742b77b69148608f8a55688c9779c0b9101e7a034a0ff28cae8a51e0569/detection
# Reference: https://www.virustotal.com/gui/file/117beaf800cc3c8b29a5758c56de9902aeabfdb76e05876c2755e40beba8a27c/detection
# Reference: https://www.virustotal.com/gui/file/22eebdd52a5eaac3434f37bf3d70d7472bc7ce609521d4d3d82213664480aa6e/detection

193.203.203.240:35200
193.203.203.240:81
kusaemai.ru
09egc.kusaemai.ru

# Reference: https://www.virustotal.com/gui/ip-address/193.187.175.29/relations
# Reference: https://www.virustotal.com/gui/file/4a136b737d9e08d4d04f661f050447f5a2ef4c2d1834e434f3bcaf2b85526175/detection

farvelaxha.xyz
mabudorya.xyz
rlmushahel.xyz

# Reference: https://www.virustotal.com/gui/file/28ca9988101daf262d4c2b3aa162ee9e96dd50bfc46c0d3f7798ee39cd9d6985/detection

92.119.113.189:21746
ckauni.ru
e.ckauni.ru

# Reference: https://www.virustotal.com/gui/file/6a9441021b4cd4a153b8b77f8cf0af4e0d25365a01ab61bc58791fc4d7513204/detection
# Reference: https://www.virustotal.com/gui/file/f7fa7471d4313557cbfcf6ce0368ba050297931d0f641d19b8fef40d18b15d85/detection

141.94.188.138:46419
ckauni.ru
62sb.ckauni.ru
ke.ckauni.ru

# Reference: https://twitter.com/ShadowChasing1/status/1465886983528468484
# Reference: https://www.virustotal.com/gui/file/e4a67b33e47e405537ffeace849eb2975edf32cb24c5fc10e04cf20131cc28d7

http://188.116.34.197

# Reference: https://www.virustotal.com/gui/file/936c0197e83ba4dc7dfe73c677e537f103b8a91cc9cf05fa77d3fe5e18f7f5c7/detection

2.232.150.231:62099
ddoxeriscoming.ddns.net

# Reference: https://www.virustotal.com/gui/file/e30526846906e6892eda1a9a774b3f1cb2734d97287d16e7aca2f8b8826e1e52/detection

37.0.11.243:63642
safebild.org

# Reference: https://www.virustotal.com/gui/file/48b83155739f83a508ec4aeb87aa68a59dbd695e61f29d8d57d99eb22816201c/detection

37.0.11.243:7777

# Reference: https://tria.ge/211206-vztqfaefdr/behavioral1

kanerinasto.xyz

# Reference: https://twitter.com/pmmkowalczyk/status/1471508031166763010

103.246.144.29:44301

# Reference: https://www.virustotal.com/gui/file/2d65ee12cf39969fb00c11af633fac42ed0ab982cf6a9894d50591c0d1dffe76/detection

159.69.246.184:13127
65.108.69.168:13293

# Reference: https://www.virustotal.com/gui/file/47e1a583759c9b7fa9b87e07e05cc9c4ae4022ef501a5b19b68a41ff7181ed35/detection

185.215.113.44:23759

# Reference: https://www.virustotal.com/gui/file/92d056ebbe6aa832872b38f207074d91a161a418cb9f569c0d4484bfcc2cadc1/detection

185.215.113.82:31104

# Reference: https://www.virustotal.com/gui/file/c92fea006e70c862e1a5bc1d3e98dda1f67ce475e0308b53dbefbf48eb57772a/detection

195.133.47.114:38127

# Reference: https://www.virustotal.com/gui/file/dd9f9d4f7389dd8c50aad444410f5ea5ef8eaba3e4d03f6edac9753c8a786236/detection

185.215.113.7:5186

# Reference: https://www.virustotal.com/gui/file/61cd48498b43837aecaeb3a82ecc1ce6b0a9a1153eb8f01e2a8526991ef48072/detection

185.215.113.8:56432

# Reference: https://www.virustotal.com/gui/file/6f6e39ab03611a7547580aed21a4ecabd835d2edd435d3a8c1190145ed21237f/detection

185.215.113.9:57250

# Reference: https://www.virustotal.com/gui/file/08c626607560725465491e2556ae19ee5c400a463a50777153d7611fddccf195/detection

http://185.215.113.14
185.215.113.121:15386

# Reference: https://www.virustotal.com/gui/file/698fa11159b3e09764d2c1c6f3420e3a94a63376e5cd5dd6b598a34e965b170c/detection

185.215.113.15:8080

# Reference: https://www.virustotal.com/gui/file/7ce9b6d09635c92f80cc1ddc171bef5e722cfbfbf7c219d7cf68f37df474b97e/detection

185.215.113.17:7700
neofunkyjunky.com

# Reference: https://www.virustotal.com/gui/file/d6fb0ce62b5682a7c7a5699e2048fd05385be1de8a075a94b52aa06cd45ea636/detection

http://185.215.113.21
185.215.113.21:34106

# Reference: https://www.virustotal.com/gui/file/b10fe4931999ea1c6dd6e7293f2a4584b6a593313907a1e23fcbae2f9f662f85/detection

178.63.26.132:29795
91.121.67.60:62102

# Reference: https://www.virustotal.com/gui/file/307a069ecd59369e9825b9e24d84d5a92f6e4273c7d1d463d03cad06497dbe09/detection

135.181.129.119:4805
193.150.103.37:29118

# Reference: https://twitter.com/1ZRR4H/status/1476184470646624262
# Reference: https://github.com/CronUp/Malware-IOCs/blob/main/2021-12-29_Malvertising2RedLine

http://45.129.99.59
103.246.144.29:44301
185.204.109.248:26250
185.215.113.29:34865
193.150.103.37:81
2.56.56.126:38524
23.88.114.184:9295
45.147.196.146:6213
91.243.32.73:7171
94.140.115.160:81
absoluteuniqueloads.com
bestfilesstorage.com
engfilesload.com
fastrarloads.com
getfileasap1.com
getthisfileasap.com
loaduploads.com
rarloads.com
readytoloadforyou.com
secondfilesstorage.com
topfilesstorage.com
uniqueloads.com
uploadloads.com
yfilesstorage1.com
yourfilesstorage.com
zipuniquedownloads.com
zipuploads.com

# Reference: https://twitter.com/1ZRR4H/status/1476329209165496320

45.67.228.169:61696
51.79.188.112:7110
msofficetoolkit.com
myfreefiles.com
premiumsforum.com
profreefiles.com
yarchworkshop.com

# Reference: https://www.virustotal.com/gui/file/cfe1a9cedf12e5c01c4727d0b12de8ccecf696a64bf895daf2b71e4131f1e1de/detection

37.1.213.9:17292
65.21.234.58:8080

# Reference: https://www.virustotal.com/gui/file/7a12bed80d3c7140c4cc64315dcd6b7f994ce47229333a23d6f588d96e906fb6/detection

downshiftingrace.top

# Reference: https://www.virustotal.com/gui/file/9a234d272cd67f77fe49965a63e7d98f8c3c77f92bd4a98006716c9ab7c71703/detection

185.172.129.61:52372
52nv.hiterima.ru

# Reference: https://www.virustotal.com/gui/file/baf599abab1d6969e1ba455f83375cbc9643bbe5049189729d3ce60be08e4a58/detection

188.124.36.242:25802
193.56.146.78:54955
deyrolorme.xyz
h.hiterima.ru

# Reference: https://www.virustotal.com/gui/file/693eae9df1138fd4ae0289651ce7de1e7e4251558cdd525f61bea9395a4c03c1/detection

141.94.188.138:46419
hwg.jelikob.ru

# Reference: https://twitter.com/benkow_/status/1476886648818384902
# Reference: https://dpaste.org/Nx77/raw (# Redline)

blairwitch.top
esydownloader.space
greendayband.top
greenfreedom.top
hypercustom.top
irishrunningclub.com
programfreeyou.com
thisonecantbebanned.top
sliderfriday.top
wowsugarbabe.top
wushupalace.top

# Reference: https://www.virustotal.com/gui/file/bec58d49a22b43245709af3cc96cbe6d821a99a7d0ac8bdde8bf1f337d568f10/detection

185.215.113.62:51929
akedauiver.xyz

# Reference: https://www.virustotal.com/gui/file/29cdec124962aff503937bdb1e62adbcebe715e949ecda469ff8414447cddac0/detection

91.201.67.203:6677
watashinonegai.ru

# Reference: https://twitter.com/1ZRR4H/status/1477687367716769795

109.107.188.167:37171
185.151.240.132:33087

# Reference: https://www.virustotal.com/gui/file/c3e725df442abe93e1d1d5ca01fc8105521c82e8e5f86d07171d8f95562c59a5/

185.177.125.94:57832
193.56.146.78:51487
qwertys.info
remotenetwork.xyz
sornx.xyz
realeurogroup.xyz

# Reference: https://gist.github.com/silence-is-best/e2af8aa61000e4b740934331291c619b
# Reference: https://www.virustotal.com/gui/file/73942b1b5a8146090a40fe50a67c7c86c739329506db9ff5adc638ed7bb1654e/detection

185.112.83.21:21142
185.183.35.89:7777

# Reference: https://www.virustotal.com/gui/file/3c90a04f391078bb8a1556988942166cfb5580660a594ac6628aae50a3b34809/detection

185.215.113.17:18597
185.215.113.46:61707

# Reference: https://www.virustotal.com/gui/file/1022aed4c67e1fd0bc605d815bf9152d040a3288e91391f9637cbb55e54f0a03/detection

185.206.212.165:20000
185.7.214.171:8080
f0616068.xsph.ru

# Reference: https://www.virustotal.com/gui/file/d03c84a13b8e6274f7353fd98e35f73c194938b61690a9a8a83c594a40994dec/detection

http://45.142.212.190
45.142.212.190:35200

# Reference: https://www.virustotal.com/gui/file/982ecd1ae9b5fd898aa7f20cbe84bd1af6af6b1b5feca8f0189fca038f7aeb98/detection

appcurnet.ru
thifink.ru
8fh9.thifink.ru
vfh.appcurnet.ru

# Reference: https://www.virustotal.com/gui/file/9e6ee86b2269db2663bb4cb34328f5c72e33e08fcfae8ec813bb09b28c6b3ca9/detection
# Reference: https://www.virustotal.com/gui/file/028258992edfb3c65258c25c0d9ccd5e928a3ea9859899126bea3added012f13/detection

worwokr.ru
x5w7rx.worwokr.ru
/eDUpjlGWbtLuyk
/EXrXeuqqhFzno

# Reference: https://www.virustotal.com/gui/file/3655e959a10cd3469622c03016704389127c655113a01bb46302498418184a10/detection

4o3dfgf.worwokr.ru

# Reference: https://www.virustotal.com/gui/file/500c34dd090c02c2529fc830cb54565947a51f5a2d3c445070503f7909f980c6/detection

http://45.142.212.191
45.142.212.191:19154
45.142.212.191:49176
rijndad.ru
p9.rijndad.ru

# Reference: https://www.virustotal.com/gui/file/47be27c585317cfbfdcda82c15aa54ec9d1491bb34473522ba118a864b98bf48/detection

uml.appcurnet.ru

# Reference: https://www.virustotal.com/gui/file/a986aa4af8fd99e9dcd9e7abad6c08decbb9a1861b8712c2512e73533ba28477/detection

initsl.ru
7tpu.initsl.ru
/EveKiAJWelmhSn

# Reference: https://www.virustotal.com/gui/file/33086d6963f76828a08462b2bfa71c908f20362322b9ba5af91379d4db684f76/detection

45.142.212.192:6677

# Reference: https://www.virustotal.com/gui/file/cf3a4b777604770bedbe1cb86d11e05602f1cd3db2b54d32c35b6a322bd4e7f1/detection

45.142.212.197:40355

# Reference: https://www.virustotal.com/gui/file/020039166612282d4175b35b7743bfe8bd74c0ec06f72774c523a370cdac3a5a/detection

45.142.212.204:35200

# Reference: https://www.virustotal.com/gui/file/64233896507a084444b93afa928fcfb8e265f660f7ba678dd49d26688f5c4955/detection

http://45.142.212.204
45.142.212.204:81

# Reference: https://www.virustotal.com/gui/file/bc33bbb886501dd9b159bc8ffa6f4d48e8c3abe033a243e72ffabd27600ee375/detection

http://45.142.212.209
45.142.212.209:6677

# Reference: https://www.virustotal.com/gui/file/681a639fbab22f9030769ecd8d8d716ce4f8cfc01b6f1a2f3ef8722a97cacee7/detection

sokindosword.ru
f.sokindosword.ru

# Reference: https://www.virustotal.com/gui/file/c62fa1aec038660384972ab40cbd0a1f2bc6112ff36451457d953d871c729e8a/detection

http://45.142.212.213

# Reference: https://www.virustotal.com/gui/file/1cfa5f2312f4673947f38a62f71ad6e5f97b36be5bb244d45b64cf4d61b61a68/detection

45.142.212.214:35200
87.251.71.52:35200

# Reference: https://www.virustotal.com/gui/file/d5b99910ee8211ee5af5c282736f5543cef11023952d72097f68548c70f990b8/detection

45.142.212.229:35200

# Reference: https://www.virustotal.com/gui/file/fad03a78cb1e273ffdbe691e961b55d9584281db34e3ac3c1847303b4bb74977/detection
# Reference: https://www.virustotal.com/gui/file/9e978576de6c179eeb8497b674d24d279792e056d32d9340c3e4d9e7706ff5e5/detection

45.142.212.230:35200

# Reference: https://www.virustotal.com/gui/file/3bc85a3eb884b50ceb7bf5381da90a9a11f09e391e07b83e0282a82785350b7f/detection
# Reference: https://www.virustotal.com/gui/file/34ca4e801f564dcfb1127a5ae465dcc7d7d373cdc7e37100c35ad16674a55f7e/detection
# Reference: https://www.virustotal.com/gui/file/cba63e60e59908658fecb77568330190dbc1f4da6ae3865706ca3646a25c0acb/detection
# Reference: https://www.virustotal.com/gui/file/5f9b13cd9f440149d79fbb4f052a4cb71c433d246f751e7ab2d95f7f31d1e878/detection

45.142.212.246:6677
doshofater.ru
iwakalong.ru
watashinonegai.ru
0qwl.doshofater.ru
b.watashinonegai.ru
t37b.iwakalong.ru

# Reference: https://www.virustotal.com/gui/file/0ffd47b05c0ecd8825e70f6b238cd34dc7172713da517a6a5d956eacad5c9345/detection

onesine.ru

# Reference: https://www.virustotal.com/gui/file/c09168fee1a053be8b6d1c2a0533b9adf6a84ecf2467bae6ca9beaae7fe3d528/detection

http://45.142.212.171
45.142.212.171:6677

# Reference: https://www.virustotal.com/gui/file/0684df47e885ab1f70b2ee3fcfd5d2fa3e3ae1155f11acd6bcddaea4022d36aa/detection

185.231.70.207:24867

# Reference: https://www.virustotal.com/gui/file/2e60a02d193c35594b4fa5e71448a859ec2597a7ac1efc4c08d695124fd46e3e/detection
# Reference: https://www.virustotal.com/gui/file/fe8cfe3cf7c5b6909b53eab29b5a25fbd913eefa5592b93102ed092adf52e3ad/detection

http://45.142.212.168
hudosntfll.ru
qbfh.hudosntfll.ru

# Reference: https://www.virustotal.com/gui/file/626f8bf47a2450b92bb468cbb3e7d4e3ab9836fe03e149fdbfe243600c0aa59d/detection

45.142.212.160:35200
stjbg.ru
4nmb2f.stjbg.ru
/UVKuWpQAwjuRp

# Reference: https://www.virustotal.com/gui/file/93813356112a0fc80638068a08d4d214abf31aaf4391371c3a0882756426de78/detection
# Reference: https://www.virustotal.com/gui/file/562d1d0a70281ec1f125c77a08ce35dddab3e949ba064dcaaf14a6836683dc91/detection

http://45.142.212.160
ssigu.ru
/nuboqqPzZnWT

# Reference: https://www.virustotal.com/gui/file/6de8d07e8ad5351b516844321e8060321282d88d3158a3e25f7f22b19dff01c2/detection

45.142.212.146:3152

# Reference: https://www.virustotal.com/gui/file/ed5f21e1eab6d1c0422e6d4c641140934f3a90409cb66de2f8f8fae798b3a3fb/detection
# Reference: https://www.virustotal.com/gui/file/efb0bb7cd863e3bb9939207b7ec5f2e068fefe6d4af7eac9183f05c72b67886d/detection
# Reference: https://www.virustotal.com/gui/file/7458f925f71b5e15d6cd06d7d0470cebdb5d346ae2bee66b7ec56a05824ad089/detection

45.142.212.146:59317
hellomir.ru
magicnow24.ru
pycharm3.ru
33vv.magicnow24.ru
u1y.pycharm3.ru

# Reference: https://www.virustotal.com/gui/file/f1474201daa0f804b4f77efd30edb6365905641be126838831e8342887582789/detection

45.142.212.126:6677

# Reference: https://www.virustotal.com/gui/file/05a0f7012de4482c552ffef69727209731444449357282ff49037f36503fbfa9/detection

45.142.212.122:21523

# Reference: https://www.virustotal.com/gui/file/2d5549816f794402b7ba4b65f640ac0a11fe79635404c26d37dad08c74dce13e/detection

naabeteru.ru
kf.naabeteru.ru

# Reference: https://www.virustotal.com/gui/file/0fabd27b65f3ea0d5648cc448634861fc872bb0cf1e27428eefe4d686a6e18d1/detection

45.142.212.88:26678

# Reference: https://www.virustotal.com/gui/file/4d9d7340aa0079196417994696f958bfadb6b6b690c7fb9831d2ef5987097b2f/detection

45.142.212.78:35253

# Reference: https://www.virustotal.com/gui/file/9a863f2648e1af4e0e69a0e1d0338b8fa9b1ebe176322233e67fa8dc31db6d0f/detection

45.142.212.70:38058

# Reference: https://www.virustotal.com/gui/file/741d1010fec98b13a8c283abbaf513192fe7705a74e0a7c1dda5d6c60fe54758/detection

yjn.initsl.ru
/jknFlRzXdXCJQ

# Reference: https://www.virustotal.com/gui/file/27768abc0b22eba2958185102e2a6db1edc5c22660c8e7257df358a0e6a411e5/detection

http://45.142.212.47

# Reference: https://www.virustotal.com/gui/file/094183d49a8440ca1ad83aee654106006853f6f94d7e5e240214d7f858ed3637/detection

45.142.212.38:5656

# Reference: https://www.virustotal.com/gui/file/c76fd6c7ed907e3a6405dbf0ceaf3b43ad9263e3249808ddb3b9236150c60449/detection

45.142.212.35:35200

# Reference: https://www.virustotal.com/gui/file/db9b4a81a1b185a15dbb9fcfc111a79292e660b8bada8f5829f1d6811efebd38/detection

http://45.142.212.33
157.90.94.153:10190

# Reference: https://www.virustotal.com/gui/file/96904a4ad35d096b8e184071966c6ad7775475a81871dd4312ac859c52b32271/detection

45.142.212.31:59655

# Reference: https://www.virustotal.com/gui/file/8cccca6aac59d334d251577a041b28e2ad3ad5f3ca77f29cdeb61d5847a84593/detection

45.142.212.31:32318

# Reference: https://www.virustotal.com/gui/file/b2ed0950b43b8e576eb84cb6c8a246339512b0604f768ccf958cb9af111e4261/detection

45.142.212.31:12782

# Reference: https://www.virustotal.com/gui/file/7b35f8170c285d42d67f864eac02f0a527233660f15814e01b99a3e51e8be2ab/detection

45.142.212.31:39254

# Reference: https://www.virustotal.com/gui/file/c6cf56ed7728391a40d61fc74cb5bd8ae1fb7c5eec19d62204473b7a4e8a9e7a/detection

45.142.212.28:5215

# Reference: https://www.virustotal.com/gui/file/7f6bac004d9c9eed4477081280287e88150d80d0eefc9d507ec0517d4e261f34/detection

45.142.212.28:35253

# Reference: https://www.virustotal.com/gui/file/bda28d8da6584f4a3c47039e0dfe31d6574fad79da47ca57607d7078135912e5/detection

45.142.212.27:81

# Reference: https://www.virustotal.com/gui/file/b86f0db9d6b71eaa2a6c465eaede83668f26eab3e04305d4e99c6b693075365b/detection

utisgavesh.ru
vu4mw.utisgavesh.ru
/GzfHTJrppiaSNu

# Reference: https://www.virustotal.com/gui/file/7a75b39f819c7b082b6a4b526a4562704d91c72e1eaf209000be92db0beb6780/detection

45.142.212.25:35200

# Reference: https://www.virustotal.com/gui/file/032f64031d903e2baa9cac32a4d9c3bab380f46c590d7e32ed7b6da477b17b86/detection

45.142.212.19:8712
o3.initsl.ru

# Reference: https://www.virustotal.com/gui/file/d93a414dcd88c1bbd854258640fc724079e4dd8c533036c8e1451c5081cda660/detection

45.142.212.16:7766

# Reference: https://www.virustotal.com/gui/file/af154727e37c11a0dd30e2360a1d62a684528eb2e45940af4768f26d89f6c76e/detection

45.142.212.16:7756
lk.thifink.ru

# Reference: https://www.virustotal.com/gui/file/374ce59bc19f61a15cb3a72ee6961d3eaa8d849281a1211f6cfd371da73b9da8/detection

45.142.212.10:35200
zsznosns.ru
3a6747eh.zsznosns.ru

# Reference: https://www.virustotal.com/gui/file/d50fc8f9ae212aaad0d217ba2552558b3d9ad952231a92fa544d3120eb6290ae/detection

zombieled.ru
6hb5.zombieled.ru

# Reference: https://www.virustotal.com/gui/file/ad319d24c53b703175ddbde008fc51b7ec64f69f7391cfdd1e9e16ee1522a5b7/detection

185.215.113.107:61144

# Reference: https://www.virustotal.com/gui/file/cc35931a232870013805cb89aea6151a01fd576cd71d25f2313939e104ef9170/detection

185.215.113.107:1433
78.47.57.179:53221

# Reference: https://www.virustotal.com/gui/file/72e1f2d1f788cc41c213777cdd257fa698e179dd1bab996d5061d70acc79c03c/detection

185.215.113.47:8956

# Reference: https://www.virustotal.com/gui/file/a042d9fc5c62f654d749baaa269da33520339f2c6d9346cbd49644618bed5ed8/detection

178.72.83.86:28762
f0609146.xsph.ru

# Reference: https://www.virustotal.com/gui/file/12ed308fd37ab10271953299e7050e2ee2e07fc8eb76153ede11efb7a4bded25/detection

185.230.143.237:2548

# Reference: https://www.virustotal.com/gui/file/5a962e6116bde82aa809719f0b1872fa7b1d6a477cc915528ee5d06cea4c1b75/detection

185.189.167.130:38637
f0603371.xsph.ru

# Reference: https://www.virustotal.com/gui/file/6f2b31c1a391a70bd10f8b2df8671faddbf7552b4d935448190f276f8542dc4c/detection

45.9.20.149:7526

# Reference: https://www.virustotal.com/gui/file/98a293de8d3eb34cee5e3e8edc9f472323d13a997bdbd2806ac1fe483f5efd14/detection

12jwdjjoiwopksdpi.xyz

# Reference: https://www.joesandbox.com/analysis/535268/0/html

185.114.247.92:49748
cf90453.tmweb.ru

# Reference: https://www.virustotal.com/gui/file/2e201b9794bcbd4f644d7a927b1f0c053002a722a7ba1d1ad3850fe4635ac5d2/detection

45.138.72.143:6677

# Reference: https://www.virustotal.com/gui/file/a7ee420fd3a477e690dab56f47b264dd6c8376941101065d6645716bbf4b6333/detection

213.91.128.133:10060
86.107.197.138:38133

# Reference: https://www.fortinet.com/blog/threat-research/omicron-variant-lure-used-to-distribute-redline-stealer
# Reference: https://www.virustotal.com/gui/file/15fe4385a2289aaf208f080abb7277332ef8e71edc68902709ab917945a36740/detection

207.32.217.89:14588
207.32.217.89:7766

# Reference: https://www.virustotal.com/gui/file/df2dda1b768681835828e2fd3ccde0e04b4cda541c40d24cd52882da39b235b5/detection

185.70.186.133:8080

# Reference: https://www.virustotal.com/gui/file/ed5a02370568674fdf12bae74a035daf1c6fabba84d1a3a0f7baf257ad3a6259/detection

94.103.9.165:45524

# Reference: https://www.virustotal.com/gui/file/18a630378f7b892e5b1a1fe3c1d92ba702fcaac354fa09a175ed039851cf6dbb/detection

135.181.123.52:12073
185.167.97.37:30904
45.67.231.145:10991
94.103.9.165:45524

# Reference: https://www.virustotal.com/gui/file/d6db191fc2aa0285fe4036d91817fa468e688823d90c9134a59b7e257e956040/detection

jooriz.xyz
wxkeww.xyz

# Reference: https://www.virustotal.com/gui/file/4c34df29e88aec5168c9b97ada7aa80118a639a826703ab19521dfa873c4ab28/detection

88.99.35.59:63020
artmy.top

# Reference: https://www.virustotal.com/gui/file/71a749813ca16ab4bbb87085ba0b1f80ac4ca3a99fa565e53ba4997b96708d66/detection

185.215.113.17:48236

# Reference: https://www.virustotal.com/gui/file/0ce801bc104d2a428be3d24c198e4f57d96496ae90cbd6fef146d283207304e9/detection

185.215.113.15:6043

# Reference: https://www.virustotal.com/gui/file/354544bfe20ea09a2e5579471be24e528b9649bfe1b2512ceb568647dcc63e30/detection

185.206.213.148:43383

# Reference: https://www.virustotal.com/gui/ip-address/185.112.83.49/relations
# Reference: https://www.virustotal.com/gui/file/d4a5d17ea7fd7e5d8ec059ad72b44fb71345a673a68ee0c2a35249db0e208d07/detection

95.143.178.139:9006
c9d0e790b353537889bd47a364f5acff43c11f243.xyz
c9d0e790b353537889bd47a364f5acff43c11f244.xyz
c9d0e790b353537889bd47a364f5acff43c11f245.xyz
c9d0e790b353537889bd47a364f5acff43c11f246.xyz

# Reference: https://www.virustotal.com/gui/file/7bd4fd28376a9ae288f781439a6f5fccc41be454400232155ab9e4936430f1a3/detection

5.206.227.11:63730

# Reference: https://www.virustotal.com/gui/file/bf31d8b83e50a7af3e2dc746c74b85d64ce28d7c33b95c09cd46b9caa4d53cad/detection

178.20.44.131:8842
dogelab.net

# Reference: https://www.virustotal.com/gui/file/fdeadd54dd29fe51b251242795c83c4defcdade23fdb4b589c05939ae42d6900/detection

31.42.191.60:62868

# Reference: https://www.virustotal.com/gui/file/891aba61b8fec4005f25d405ddfec4d445213c77fce1e967ba07f13bcbe0dad5/detection

91.243.32.13:1112
c9d0e790b353537889bd47a364f5acff43c11f24.xyz
c9d0e790b353537889bd47a364f5acff43c11f241.xyz
c9d0e790b353537889bd47a364f5acff43c11f242.xyz

# Reference: https://www.virustotal.com/gui/file/8d7883edc608a3806bc4ca58637e0d06a83f784da4e1804e9c5f24676a532a7e/detection

95.143.177.66:9006

# Reference: https://www.virustotal.com/gui/file/bfdcfeecf5b9596257de7aa327baedeac2ab806435c69eefba75479227588bcc/detection

185.215.113.10:39759

# Reference: https://www.virustotal.com/gui/file/d2c4d81ae9ae45af262bf4fe7028eb87923d6929ceed4481379707760522f5e0/detection

http://212.193.30.45
http://45.144.225.57

# Reference: https://www.virustotal.com/gui/file/3289a71bbe761e28e4d5f0d3074116674fcf4ded39c46928dad24c5e089d4664/detection

92.255.57.115:59426
xyzgamev.com
v.xyzgamev.com

# Reference: https://www.virustotal.com/gui/file/0872b951e61b47db12476ae5bbe013b36e04a333c18b6353c603d3bc46a4f6b0/detection

23.88.118.113:23817
45.9.20.221:15590
65.108.69.168:16278

# Reference: https://www.virustotal.com/gui/file/f6ef3e58813125018e32f84cc5d176716308c74e73472d0afef3e8d9ecd34060/detection

104.149.139.42:8080
185.159.70.47:46031

# Reference: https://www.virustotal.com/gui/file/5f94bf50f679c47630b069a9f2754a34308e83f2cc2e9e4e402a061236de5494/detection

185.137.234.33:8080

# Reference: https://www.virustotal.com/gui/file/01a46fe5d3f043fe1b45548a36b63edfd841c1841ec5b6878d10ecab36d81d88/detection

185.215.113.41:15912

# Reference: https://www.virustotal.com/gui/ip-address/185.193.143.204/relations

dasit.top
datenuli.top
lollyboll.top
marrbeivil.top
sait-sait.top
stelfikinmo.top

# Reference: https://www.virustotal.com/gui/file/00402faf91cfc9a4ee7482a7caf04bfa652c496c34126140a93bb517e0323617/detection

109.105.109.162:60784
185.220.101.137:10137

# Reference: https://www.virustotal.com/gui/file/00656b5dc0ef9045efd39b40c55990c765fb74040ad54959c791fa11a88aff12/detection

dependstar.bar
inhibitionclothing.bar
software-services.bar

# Reference: https://www.virustotal.com/gui/file/f2b68fa107745b515e611eee99231eab7e03e022b4ff8af2bfe3b779ffbf61c4/detection

101.99.93.44:21060

# Reference: https://www.virustotal.com/gui/file/a910ecd858f65399ebfbe1f762131b70ff70971ba2a2e56a9c5210fb2d88e687/detection

101.99.93.44:50611

# Reference: https://www.virustotal.com/gui/file/045de5acd7f3b4b0a4d402c17f8779f68ee957e2323ae61b0d1907dcb1a7472c/detection

185.215.113.29:20819

# Reference: https://www.virustotal.com/gui/file/1385c3d747eed12e6e8712a8e32820f6dce44531423d81e2e5763c16f7eb38ff/detection

xtarweanda.xyz

# Reference: https://twitter.com/fr0s7_/status/1487406897137397763
# Reference: https://twitter.com/felixaime/status/1487878089145294848
# Reference: https://www.virustotal.com/gui/ip-address/45.91.203.198/relations
# Reference: https://www.virustotal.com/gui/file/a0d8b4f0f605eae353b842cb4d173ef8b11534cee77ae1283a28af309e28cbb5/detection

google-app-update.com

# Reference: https://www.virustotal.com/gui/file/0275a7b7aa219043d31f1fe5741b5b02c43144ced65c5141badc4ce38581c6b3/detection

185.215.113.83:60722
49.12.219.50:4846
91.121.67.60:51630
94.140.112.68:81
charirelay.xyz

# Reference: https://www.virustotal.com/gui/file/9cfa73de9849eefa8a82a5001da7cf8ea30b482589f9926e90a0789cae11a74d/detection

qqqwweeqw2.temp.swtest.ru

# Reference: https://www.virustotal.com/gui/file/7c50d303638bd232921cd7d28e5e48d16fd6fa2394e8f8b449066d56b7619eb6/detection

94.140.113.77:40800
canalarleliv.xyz

# Reference: https://www.virustotal.com/gui/file/559bf0182971d4ea4f3a3cfa91fbbc6cf7ab4e1b66f73e9809362ac5a4e42f95/detection

104.207.152.55:32767

# Reference: https://twitter.com/stoerchl/status/1491375740214218756

discrodappp.com

# Reference: https://threatresearch.ext.hp.com/redline-stealer-disguised-as-a-windows-11-upgrade/
# Reference: https://www.virustotal.com/gui/file/11d3ee568c8e6c6156bd745a01999e4a15bb0aad7cf84baee4518521419d8bf8/detection

45.146.166.38:2715
windows-upgraded.com

# Reference: https://www.virustotal.com/gui/file/0163e77e8c5cdd0831eade7e1611617325a69b3eb9fb8525afb13c255557325b/detection

185.215.113.39:34737

# Reference: https://www.virustotal.com/gui/file/f514fc38d05bc89fe42fede52437bd40fd1e92c02039c64bbf3d67eef79117ea/detection

45.133.245.64:32710
45.133.245.64:443
manageintel.com

# Reference: https://www.virustotal.com/gui/file/3345aacfaee45bfd1e926f0fc375000347da785fd2b4e9bca70531690d26b2a3/detection

saenedowaiss.xyz

# Reference: https://www.virustotal.com/gui/file/0e748d0654f213eb61a27174cf40a102b38d241185d49cb348cde07350b85c50/detection

23.237.25.226:17677

# Reference: https://www.virustotal.com/gui/file/d9dd99f6e6683449a33ef3ac3b8ea14d2e28612ad2259e87f88c1acaf9f9200b/detection

169.197.141.182:47320

# Reference: https://www.virustotal.com/gui/file/4f7eebabf2f6b0924dbe147d75c0c2109523ef62368d2faf0a11d8e56d00c0c2/detection

92.255.57.154:11841

# Reference: https://www.virustotal.com/gui/file/00745430b1b9a030f2bff0031368a9529226b085a76a1f689e39e6a688a6503f/detection

86.107.197.160:7766

# Reference: https://www.virustotal.com/gui/file/03c20ca5c5cd50b9cf56e52bf197bba32a81a814d9f3389f82546cca3fe1f466/detection

gogamec.com
t.gogamec.com

# Reference: https://app.any.run/tasks/be9b9b2d-fd4a-4d46-a00d-7de43309bdf9/

xyzgamei.com
i.xyzgamei.com
j.xyzgamej.com

# Reference: https://www.virustotal.com/gui/file/02000b5254fc6221b49d3620b910609dd3361f3e23cfa2b88d6f8da7b14ada6a/detection

360devtracking.com
tesslahousse.com
usashit.com

# Reference: https://www.virustotal.com/gui/file/06eef67756efdf21681b66edb0c3bdc7add480a3e33a6923166a5874e5ec0b88/detection

realmoneycreate.xyz

# Reference: https://www.virustotal.com/gui/file/a3eb1e30558a45e8cd56accdf10ed6f551cff6ad427af626f2d9bf0cb3e352be/detection

zakordon.online

# Reference: https://www.virustotal.com/gui/file/99d35c9e785a676ae4a5d01dbe79731d4f189e27c10ca5bd8a8442cfa171670b/detection

45.67.231.194:29525

# Reference: https://twitter.com/pmmkowalczyk/status/1493197986930823171
# Reference: https://www.virustotal.com/gui/file/162b5d4c2ecc52ec10bdbae2ef6b3218419565ffcf369e37a1c4502fc0488c3c/detection

51.79.188.112:7110
82.202.167.202:8303
91.243.59.21:20856

# Reference: https://twitter.com/malwrhunterteam/status/1493659632904114176
# Reference: https://www.virustotal.com/gui/file/0caba418b4b1ec32a00cdd52e3f6f28b7e8de0ffec030cfd8ae661538619b72b/detection

157.90.154.157:56664

# Reference: https://www.virustotal.com/gui/file/ddf039c3d6395139fd7f31b0a796a444f385c582ca978779aae7314b19940812/detection

80.89.229.247:36902

# Reference: https://www.virustotal.com/gui/file/ef3e0845b289f1d3b5b234b0507c554dfdd23a5b77f36d433489129ea722c6bb/detection

185.215.113.205:65531
212.86.102.63:62907

# Reference: https://www.zerofox.com/blog/meet-kraken-a-new-golang-botnet-in-development/
# Reference: https://www.virustotal.com/gui/file/1d772f707ce74473996c377477ad718bba495fe7cd022d5b802aaf32c853f115/detection

95.181.152.184:2021

# Reference: https://www.virustotal.com/gui/file/d742a33692a77f5caef5ea175957c98b56c2dc255144784ad3bade0a0d50d088/detection

http://91.235.129.112
84.38.189.175:12928

# Reference: https://www.virustotal.com/gui/file/3215decffc40b3257ebeb9b6e5c81c45e298a020f33ef90c9418c153c6071b36/detection

95.181.152.184:60000

# Reference: https://www.virustotal.com/gui/file/7c76ca5eb757df4362fabb8cff1deaa92ebc31a17786c89bde55bc53ada43864/detection

185.112.83.22:6663

# Reference: https://www.virustotal.com/gui/file/48c2f53f1eeb669fadb3eec46f7f3d4572e819c7bb2d39f22d22713a30cc1846/detection

185.112.83.22:60606

# Reference: https://www.virustotal.com/gui/file/43f46a66c821e143d77f9311b24314b5c5eeccfedbb3fbf1cd484c9e4f537a5d/detection
# Reference: https://www.virustotal.com/gui/file/8c4294e3154675cd926ab6b772dbbe0e7a49cae16f4a37d908e1ca6748251c43/detection

185.206.212.165:60601

# Reference: https://www.virustotal.com/gui/file/3e4c106e1d7ae13fd98a1b3ebc2a8951c1eabf10bf1dd2047dabc605e3e735be/detection

http://65.21.105.85
65.21.105.85:60000

# Reference: https://www.virustotal.com/gui/file/100205d5f6006017a444d46ada0cb09b792b55c540a0dd6a8186e085ccb4f9ab/detection

213.226.71.125:2021

# Reference: https://twitter.com/malwrhunterteam/status/1497631195605184513
# Reference: https://www.virustotal.com/gui/file/a901704645277224aa21c310fe1fb2d173473abfbf3ad769a604dd514d24497d/detection

46.8.220.88:65531

# Reference: https://www.virustotal.com/gui/file/fe5a3dc2dbb4897be7a9728f11e81edd06242db98b080a05cb9b2fd61f131ff1/detection

178.218.144.95:3000
178.218.144.95:42977

# Reference: https://www.virustotal.com/gui/file/d24d2b6f33fe7df641f5f7f4ebaff22e5e2d036a33269121e6322ccabf946208/detection

135.181.79.37:52491
193.150.103.37:29118
2.57.90.16:15322
212.193.30.113:9295
45.14.49.184:55842
45.9.20.182:52236
51.79.188.112:19842
91.206.14.151:16764

# Reference: https://www.virustotal.com/gui/file/a04effeb80563dbebec0fefb178b265eadc0b7426acf08e36e9d4aacde346f7e/detection

querahinor.xyz

# Reference: https://www.virustotal.com/gui/file/33d5edfef5ffcf3f32ecad4426a11a24069d8e37d3936d528bfb26ff34edbe99/detection

185.7.214.127:32304

# Reference: https://www.virustotal.com/gui/file/128678178e92297dafe7c897802097809eef990a3a8fc7a542355939a3152ac5/detection

hadachannt.xyz
kanagoriyn.xyz

# Reference: https://www.virustotal.com/gui/file/4e0adb8e4da13519b12df1cc2e57e6e3377cf2d10b195bba5973ce8a4d0a1d61/detection

http://185.7.214.8
185.7.214.8:37809

# Reference: https://www.virustotal.com/gui/file/00581e2fa186e5b6f044427945709e2439aad5782b8718c73cd5587d2a65359e/detection

116.203.252.195:22021
92.255.57.115:11841

# Reference: https://twitter.com/jstrosch/status/1503202346456788995

procduo.xyz

# Reference: https://twitter.com/James_inthe_box/status/1504572083023409162
# Reference: https://app.any.run/tasks/a63f4a0a-d552-45e8-8722-a2fe7b02de23/

51.141.54.228:41606

# Reference: https://twitter.com/reecdeep/status/1505812406798270464
# Reference: https://app.any.run/tasks/b795c339-76a7-4ba0-bd8b-f120d0e1980a/

45.133.174.110:32577

# Reference: https://www.virustotal.com/gui/file/dcf13abd1d64739602e0a777a8e076eef4a10b44778c89e62b4f9043ebe3ec98/detection

185.153.198.58:31858
detacher.xyz
kiff.store

# Reference: https://app.any.run/tasks/ebb14c8d-fa90-461e-96fd-ce47eb6b6337/

168.119.164.249:48788
185.215.113.66:26416
185.215.113.7:5186
193.106.191.203:44450
193.106.191.253:4752
193.233.48.58:38989
193.38.235.192:43770
45.9.88.246:43235
62.182.156.185:48571
86.107.197.196:63065
dbazf.club
wailanyrrere.xyz

# Reference: https://www.virustotal.com/gui/file/3c362636f19b4626866ca745bb197ebcc4f2fab1f2bec6b7f208c0748dc39dcd/detection

sokiran.xyz

# Reference: https://www.virustotal.com/gui/file/3c362636f19b4626866ca745bb197ebcc4f2fab1f2bec6b7f208c0748dc39dcd/detection

madgett.xyz

# Reference: https://www.virustotal.com/gui/file/8dcc224c6a9a9ba0fb83eef2c6c23091c906817d4754bd5b315a938f5849d62f/detection

65.108.27.131:45256
ilsvt.co

# Reference: https://www.virustotal.com/gui/file/0c896c8600ddb577903a9c0d19fd9762a9ec28337dc027416bf29fdf3eb899f9/detection

185.215.113.64:25828

# Reference: https://www.virustotal.com/gui/file/03eb59205f453806754b1a677d5d4786431c902f045aef1115ee890b86e7e779/detection

185.215.113.93:7777

# Reference: https://www.virustotal.com/gui/file/033a301cf5c24b5b3e71573becabd22faff68d55c915ca15bf02308252b2fb49/detection

185.215.113.79:41465

# Reference: https://www.virustotal.com/gui/file/016174fc0cab92cf921c65949d9a471b5f2f4e41f14ca27338bc3c7dd4ec7fb6/detection

185.215.113.80:15548

# Reference: https://www.virustotal.com/gui/file/02f584407c459a4c6145d5b16be33264e7d7ec646285c14062e1f2318e0cd318/detection

185.215.113.81:28578
razino.xyz
rdanoriran.xyz

# Reference: https://www.virustotal.com/gui/file/00f0f713967d000891635164e4809410201cdff3c1cd9fe6799398f23d876b46/detection

bitrhost.ru
ergerge.top
ergerr3.top
jo.bitrhost.ru

# Reference: https://www.virustotal.com/gui/file/0b77ce38b10b46b8b682c4a234594b5d86b4eee7f3fe58bdbb56c3f038dd7305/detection

185.215.113.82:31104

# Reference: https://www.virustotal.com/gui/file/002dbfdf524e2eef9c38fa54eb01b911816f8fd5f5c956db638814c849463ff1/detection

185.215.113.83:60722

# Reference: https://www.virustotal.com/gui/file/6b18a223ce8f1f42880a54809880cd5c3a6890955d2469b10ea771dab333871e/detection

135.181.108.219:14534
buildersgate.tech
techtest001.zzz.com.ua
theunderconstruction.site

# Reference: https://www.virustotal.com/gui/file/095ecb0e8424a36dd94fa211103bea37f6e4a36cbc52859c632df60edc00f4be/detection

92.255.85.137:41320
sectigotls.xyz

# Reference: https://www.virustotal.com/gui/file/561b4ba98e1cd37b6223475a9569ff47d2a090dfb7686cdbcf551ae4f8895c9b/detection
# Reference: https://www.virustotal.com/gui/file/efa2f25250c8fcb6d692f34f700cdad01927e31a585cf0bee8bbe29ae72ad13a/detection

151.80.244.179:28710
tlsprotectgo.xyz

# Reference: https://www.virustotal.com/gui/file/cd45debdbac1944c86f804f9095113a6b78403e9bad5ab7dcfd366a206175124/detection

142.202.240.83:21322
62.182.156.185:48571

# Reference: https://www.virustotal.com/gui/file/56cf528c7b47eec296feb89c8314db85d81eaca55b96387360e0ec3e7b6caa1b/detection

2.58.56.230:32022
kengbek3k.mywire.org

# Reference: https://www.virustotal.com/gui/file/1852fb55a2b10a13b1313409e034f32aff0e7fc573cf81ef33a36d4c008215d1/detection

94.124.78.2:32725
cc27890.tmweb.ru

# Reference: https://www.virustotal.com/gui/file/0190c06dcdc98a77cec4771c25fa128ddf7c14a685d7b19a5f34415b4bf18e35/detection

116.202.106.111:9582
185.215.113.20:21921
gumishosaled.xyz
helacanushoc.xyz
igucanitoasi.xyz

# Reference: https://www.virustotal.com/gui/file/8c44a225848bfa48e0c474a64f3545817603efa4e6e7167d6823ecbd0cae58a3/detection

46.246.26.65:1195
daddy.linkpc.net

# Reference: https://www.virustotal.com/gui/file/10c760b38e37d7df4fdb3caa56328e51943ac422018b1261fbd4820cdaa046d3/detection

116.202.24.62:9295
185.215.113.24:15994
193.150.103.37:81
46.8.52.48:9006
65.108.101.231:4974
77.232.40.51:20166
91.243.59.166:5240
91.243.59.167:44301
95.143.177.76:34098
finontitreke.xyz

# Reference: https://www.virustotal.com/gui/file/fc977187beb172eb6a2e93c5721e0768c3c9f1642e168145863f112c36ab27a8/detection
# Reference: https://www.virustotal.com/gui/file/89fe764b09ea5a6c74464ab9302c9e16b9c82356bf992c8da24fa396fa779e64/detection
# Reference: https://www.virustotal.com/gui/file/3e3ab0ba04cd0d6c6c88618439bc9401b4706d39a129cb0ce21717ae29ba9f53/detection

185.215.113.214:5350

# Reference: https://twitter.com/fr0s7_/status/1511652092297023491
# Reference: https://www.virustotal.com/gui/file/749f80e67f2f164450020b9d9c3182c9e935fb5f2535284e754385160e4add2a/detection

31.44.4.97:8027

# Reference: https://www.virustotal.com/gui/file/00b66d6580571a2d656a3592d90e4e27fc0fb639e99938bace317891ca769207/detection

194.104.136.5:46013
212.193.30.113:9295
91.121.67.60:23325
91.206.14.151:16764
91.206.15.183:15322
wensela.xyz

# Reference: https://twitter.com/James_inthe_box/status/1514314395744186378
# Reference: https://app.any.run/tasks/30413f01-a1c0-4e45-afea-00c7288ffe09/

185.158.249.37:39347

# Reference: https://www.virustotal.com/gui/file/028798b77230880eeaf46f0814ac8eee6b35e75cd89383f5cdb36663b04f1a07/detection

193.38.54.110:16360

# Reference: https://www.virustotal.com/gui/file/c1ac4940bdf320423e5473de4ed9b3db61e2e40e19fb7e651afbf66fc7a972bb/detection

193.233.48.87:27941

# Reference: https://cloudsek.com/whitepapers_reports/information-stealer-targets-crypto-wallets-via-fake-windows-11-update/
# Reference: https://otx.alienvault.com/pulse/625fdfc069b64762bb5ea0ec
# Reference: https://lists.emergingthreats.net/pipermail/emerging-sigs/2022-April/030646.html
# Reference: https://app.any.run/tasks/5cc9b70d-ada7-4f12-8d93-01a51e465d5d/
# Reference: https://www.virustotal.com/gui/file/013472eaa2f1f7b3ab4e22750422594df20f5bddb008834fe98b6e7ceb2d2969/detection
# Reference: https://www.virustotal.com/gui/file/ccad45b57622c825930fbc91b4bef69b4213242a6747fbde88fafab209491c1e/detection
# Reference: https://www.virustotal.com/gui/file/23493567b9938ee6b0fe1f75a1761c830d14f7c19628fe57a5823d2378869a2a/detection

http://185.215.113.73
seventyfor.site
siteflortyklamtre.com
windows-11info.com
windows-11info13.com
windows-server031.com
windows11-infoserver.com
windows11-upgrade.com
windows11-upgrade11.com

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2022-04-21%20Redline%20IOCs
# Reference: https://tria.ge/220420-phex3agbcj

140.228.29.199:25415

# Reference: https://www.virustotal.com/gui/file/017118612816b95f23b39dbb5a82ea128aaf3afe315ce0314c020a9848dd6d80/detection

downshiftingrace.top
dwefrfgqwgq.top
ghfjfigsk.top
gjfjhqvsh.top
greendayband.top
ojwqfoqkwfaf.top

# Reference: https://www.virustotal.com/gui/file/0ed195ec728ae0cf1d028dfc6682e64f4355b3e33ce4de258f854701dce4ee61/detection

93.115.21.45:27134

# Reference: https://twitter.com/ankit_anubhav/status/1523552925632528385
# Reference: https://app.any.run/tasks/94404bfa-f3ee-484a-96ff-01f4889b9c63/

84.38.132.100:29934

# Reference: https://tria.ge/220509-sx35zsdff5

193.106.191.190:23196

# Reference: https://tria.ge/220509-phstxsdah3

185.45.192.228:81
honantharis.xyz

# Reference: https://www.virustotal.com/gui/file/be778dfd4e57ceae09576d25c2b8caaed89c9bfe05f36e1e02dc00c0954abd24/detection

194.31.98.238:5519
asheesh.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c04802a977e8d933c30def1dddaee61bbfd0625616960bf05352814b1a002679/detection

212.193.30.202:29580
crossred9188.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ffe7e2b51fc28b4f931af8b4eb8b6907a6e8cb51823267db6f30895b9b98e966/detection

104.224.30.55:34261
hustlegang.duckdns.org

# Reference: https://www.netskope.com/blog/redline-stealer-campaign-using-binance-mystery-box-videos-to-spread-github-hosted-payload

51.89.155.45:22595

# Reference: https://www.virustotal.com/gui/file/93708ec7bc1f9f7581cc2e1310a46000ad38128e19eb1e92db88e59d425b3e15/detection

http://212.192.246.217
5kdfbjghdf5.monster
oneservercubo.xyz

# Reference: https://www.virustotal.com/gui/file/c2f18622d283e30b3512d724e53b40c3cfea9979a1866024ad5c23327972b11b/detection

212.192.246.217:4444
212.192.246.217:7777
doggorandom.xyz

# Reference: https://www.virustotal.com/gui/file/05a3028bc4f10ff3387b486c171178f7d5a4864de59f6693d2dcbdae035820d1/detection

109.107.174.10:1702
149.202.88.172:15126
185.215.113.24:15994
193.106.191.197:23196
193.124.22.10:5241
46.8.220.88:65531
65.108.101.231:14648

# Reference: https://www.virustotal.com/gui/file/4c3a593236b925043fa94dc96211707c80714c3486bbf43adbca816f49065473/detection
# Reference: https://www.virustotal.com/gui/file/79039612f9ed648b73de0a2e4a7dd8cec1562790bd84b9e5cc2a3a8163997646/detection

185.106.92.91:28672

# Reference: https://www.virustotal.com/gui/file/8dff4de812afa601f532ee31ece501ab19683d379804c5746d4659f041df1ad3/detection

92.119.113.176:1291

# Reference: https://www.virustotal.com/gui/file/b3c1e24f0bb14830b448d9f7e1663eeeac5da4d7f7dc078fd8d00f910e891f3f/detection

91.243.59.61:17460

# Reference: https://www.virustotal.com/gui/file/7f57705a95aea58f631f0d287cf0e6d380fa5c13bc95021997d1bb1d2940534f/detection

91.243.59.61:17890

# Reference: https://www.virustotal.com/gui/file/f7f8a8e497d4fb74d39100de375fb1b44b975ea9fe0f62a1e0259b106b04ecf5/detection

188.34.180.128:23899

# Reference: https://twitter.com/reecdeep/status/1530182872790880259

140.228.29.125:50298

# Reference: https://twitter.com/malware_traffic/status/1529219133895847939

65.109.11.10:8599

# Reference: https://www.virustotal.com/gui/file/02dce7f57e4933edf84cbe525d8115defd5ecafd5b2b203be6a2ec7aa0099bc7/detection

141.95.211.151:34846

# Reference: https://www.virustotal.com/gui/file/05a584d1ab8ab7cc424fdb8671dd6c4e01984d9784301eecec2b201ed676fd86/detection

185.215.113.45:41009

# Reference: https://www.virustotal.com/gui/file/00041f130d48480c52136a7edc2404b8ee62e626d4e41caddf956e564526aea3/detection

45.138.157.149:59227
88.198.119.112:14961

# Reference: https://twitter.com/unmaskparasites/status/1532822021259743232
# Reference: https://twitter.com/MBThreatIntel/status/1532853281453527040

distcumsrariwantecn.cf

# Reference: https://www.virustotal.com/gui/file/fc1026ae3ccdc9436a3f577815b86b945b24ab6efec660665ed0fe38f47002ce/detection

185.250.148.76:30337

# Reference: https://www.virustotal.com/gui/file/2cf7f62a48646f888c300c8eb7e68f549dcee178e29517fe5eee11f0e2470644/detection

185.250.148.221:51931

# Reference: https://twitter.com/faisalusuf/status/1536952335775195137
# Reference: https://app.any.run/tasks/ab739981-8f3a-4367-be49-17de8dbac4b4/

185.105.1.173:82

# Reference: https://www.virustotal.com/gui/file/14ec3101bdf8be92ce57e7fffb00fbc991f2a3ef7265728b7380c5d989c1324c/detection

kitchenandfardenusa.com

# Reference: https://www.virustotal.com/gui/file/de8a7cd86d3be3f09485751a44282fc3df6493109e0f42a4efa9344b7eca236a/detection
# Reference: https://www.virustotal.com/gui/file/c42bc66cef51f7e57891bd3257aa6e92745cf20a075c3bd5b78ece02b2b3e0f3/detection

84.32.188.178:81
i3mb58.info
m360li.info

# Reference: https://www.virustotal.com/gui/file/fcb37377c92e74da0ad88d41c0604ba487788110a2b72323375da121508ad2d6/detection

185.106.92.110:2819

# Reference: https://twitter.com/Jane_0stin/status/1539646196179841024
# Reference: https://app.any.run/tasks/468748fc-c2b2-45c4-afb5-476c8fe9f026/
# Reference: https://www.virustotal.com/gui/file/925ca1581523ed6f1cb35ceb4eeefba6d610af7cddca63d46dcdce8bdba62591/detection

185.106.92.110:5555

# Reference: https://www.virustotal.com/gui/file/fb2ee4aeabe5975a9ea1043d50e631162111acffb89fb0c654f272c37cea6695/detection

45.142.122.179:36803

# Reference: https://twitter.com/James_inthe_box/status/1539639477676568576
# Reference: https://app.any.run/tasks/28fbdc09-5d28-4ad6-a1ee-100b0da2fd85/
# Reference: https://www.virustotal.com/gui/file/d265ff1a19ce34ed711e0ff15461ef975a1dc61cff3bd2c1a2877a35daa84cf8/detection

45.142.122.179:51568

# Reference: https://www.virustotal.com/gui/file/df8c1cee8ef77367a69b955f4cb32120d48ffcb49273fcb3c7017fd7fb68746c/detection

45.142.122.179:7777

# Reference: https://twitter.com/pmelson/status/1541472278382366720
# Reference: https://www.virustotal.com/gui/file/78d88a6ac29625636a7433e358459a8cdfb837c853f6a149ceea102e707997f3/detection
# Reference: https://www.virustotal.com/gui/file/50e2444e832e4c3ed711fcf27c038967c2c5f5037a4e0ea2cc6d53ef6ac54cfb/detection

34.174.95.150:12345
34.174.95.150:54865
judithabusufaitdyg.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0a1a8cde3ae2b38c15c812eb9a460e21ce7bdb82d0a69586b202898d56e0afa7/detection

46.138.71.75:50191

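# Reference: https://www.virustotal.com/gui/file/1ba4f1dc0c8080788f40b27d987e6895e7a8b7611088bc59b6c17da10d86f08d/detection
# NOTE(review): 11.41.11.44 falls in 11.0.0.0/8 (allocated to the US DoD and reused as internal addressing on some networks) - presumably taken from the sample's config; confirm before alerting on it, as it may match local traffic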

11.41.11.44:50101
141.95.140.173:33470
179.43.142.162:41149
179.43.142.162:7777

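# Generic (URL request paths, not tied to a specific host or port listed above)
# NOTE(review): these paths carry no host context; corroborate a match with the destination host or port before treating it as confirmed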

/IRemotePanel
/NewtonsoftJsonDateParseHandling20201
/NewtonsoftJsonSerializationSerializationCallback68342
/NewtonsoftJsonUtilitiesParserTimeZone85663
/PrivateImplementationDetailsSystemDatanetmoduleStaticArrayInitTypeSize3677
/SystemCodeDomCompilerCompilerErrors
/SystemCodeDomCompilerCodeParser10831
/SystemDataCommonUnsafeNativeMethods82805
/SystemComponentModelLocalizableAttributer
/SystemNetFtpWebRequestRequestStage38750
/SystemServiceModelChannelsApplicationContainerSettings9021
/SystemServiceModelChannelsPeerDoNothingSecurityProtocolFactory70772
/SystemServiceModelComIntegrationMonikerBuilder56960
/aBJXGuRWOOChT
/AwFPxyYrZDZZ
/bBAFKbdpDn
/bfiVAuLpfWqFk
/BGPafgTxUo
/BLqbUofdaQ
/bOWOalKGRnZO
/clPbZdgzZHNSt
/datPLwhdNbHfyf
/DNTRuwkUqoU
/DzkDWttwvoKbbU
/eCWRTDeWaY
/eiHJVeZlZel
/enhxvoOXjm
/eslgJjBiaFSNie
/EZPJPntjaS
/EzudSRBBoyErr
/fjGCWmatSetaRk
/fmEsTfSlOS
/fpBPPYvLzGZg
/FSeSOsewQarRTk
/fVdDrjDBVqOTl
/FzTzVrETDAia
/GHIpuVQdtOjs
/gUqsvtGNvbl
/GSTdsemDLfnLCY
/GVAzNZIWJb
/gVRyWoARuqUFQx
/gwrbuDQXVZ
/hohOqRFfjGTYKT
/hZLaJtFVgqkK
/iifnWYFiwLVOv
/IsTrhNVvNvzbg
/jbBdzcgnxNedWq
/JBiYmOBvruue
/JHNWmfCudW
/JikYAqBrCza
/HhHKSplglZv
/kcSFSDJucG
/kCuZEqRvDTx
/KEwkPdfCYc
/KszXJVpeOaaY
/lIaAPypbOQh
/LJKqqYAKjeYev
/mQTZdKLkCHu
/NewtonsoftJsonSerializationNamingStrategyu
/NewtonsoftJsonUtilitiesThreadSafeStoreJ
/nfKStcgBiB
/nJhdCfcerUrYW
/NnmOVfiRPRYUVO
/nrjUuvwsqu
/NylanLKUyBi
/OHerqvVJkjjot
/OmJhllkytEX
/oXNrGlbrzdosnE
/PuIHhXAOUC
/qgfdoLbtlFQUSL
/QyxObytOCfc
/rRLBdSgitz
/RKzBKDTXdTsw
/SiPZeKLkObaa
/SSiFruVhJW
/sUrocprvLWhsf
/SwktNtqpEKK
/SystemCodeDomCodeDirectionExpressionF
/SystemCodeDomCodeRegionDirectiveH
/SystemDataOleDbOleDbTransactionWrappedTransactionz
/SystemNetAutoWebProxyScriptEngineAutoDetectorH
/SystemNetBufferAsyncResultv
/SystemNetNetworkInformationMibIcmpInfot
/SystemNetWebExceptionStatus22274
/SystemRuntimeInteropServicesComTypesFORMATETC56125
/SystemSecurityCryptographyCAPIBasePROVENUMALGSEXr
/SystemSecurityCryptographyCAPIBaseCERTPOLICIESINFOB
/SystemServiceModelSecurityWSSecurityXXX22902
/SystemUriTemplateTableFastPathInfo24807
/tsjqTRFZqPJn
/TTYeJZsWYoNm
/UHFoSlidyYFoX
/upjzQJjqpU
/UTAeubRxbj
/UVKuWpQAwjuRp
/vbhoCRCLHjTJdC
/VyiDlXEoff
/wEjHKwmDQOSc
/wnTaBpnHzWwvi
/wulgBGSVwHvFD
/XKZwsujmGgrL
/xspZxirSlNuWL
/YatJcrUyyU
/YNXdQGPwfTZ
/YvGqvGmCji
/YXvnDxrXscmv
/zjLDVpxTeL
/ZPAypYNCtN
/ZRVdzdkoBGtcY
/ZTuYirtfLBuyu
/ZxETnyofta
/zZmDkRbdCVdkSA
/Gn4zLVJFa3.php
